All the vulnerabilites related to adobe - flash_player_desktop_runtime
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-6984", "lastModified": "2024-11-21T02:57:14.250", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:56.210", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0997", "lastModified": "2024-11-21T02:42:48.780", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:17.870", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39613/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39613/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-29 20:29
Modified
2024-11-21 03:51
Severity ?
Summary
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/105909 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1042098 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:3618 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-39.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105909 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1042098 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3618 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-39.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FC43386-E120-418E-B393-86F69AA82D4B", "versionEndIncluding": "31.0.0.122", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "BC03BD2C-C23C-4002-A8B7-3DCF48AB0F10", "versionEndIncluding": "31.0.0.122", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "11D6FF0D-6473-41C4-9E07-AA8283AEEAF2", "versionEndIncluding": "31.0.0.122", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "5819ABB6-106E-4380-B6ED-2DE237D38413", "versionEndIncluding": "31.0.0.122", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Flash Player, en versiones 31.0.0.122 y anteriores, tiene una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-15978", "lastModified": "2024-11-21T03:51:50.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-29T20:29:00.343", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105909" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042098" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105909" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042098" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0965", "lastModified": "2024-11-21T02:42:44.020", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:12.797", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39460/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39460/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1E372AA-736C-4E3B-B95F-08F0740729D6", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "A12CDEA6-D7A0-4FC8-BB0C-86BBD368CB3D", "versionEndIncluding": "26.0.0.137", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "5749101F-B883-4303-9511-D1B9F088E74A", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "D0784B39-1D26-423F-BB54-6B83F2EECF0D", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versiones 26.0.0.137 y anteriores tiene una vulnerabilidad explotable de confusi\u00f3n de tipo al parsear archivos SWF. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo." } ], "id": "CVE-2017-3106", "lastModified": "2024-11-21T03:24:50.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-11T19:29:02.273", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100190" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039088" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/42480/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039088" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/42480/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-704" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-27 16:15
Modified
2024-11-21 04:49
Severity ?
Summary
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
chrome | * | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
chrome | * | ||
apple | macos | - | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 32 | |
fedoraproject | fedora | 33 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F2A52BE-3461-47DE-A522-BADFFFED7F71", "versionEndIncluding": "32.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "A04A161F-50A8-497A-BBEA-464D2839AF5C", "versionEndIncluding": "32.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F50E7428-6FFC-487F-ABC4-FC04D578CE4E", "versionEndIncluding": "32.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "FB18C115-339C-45FC-8780-4EBDECC71877", "versionEndIncluding": "32.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "56F7F1FE-1A2F-4DE7-B088-3B1356C02DE0", "versionEndExcluding": "87.0.4280.66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "75B848C6-40C7-4720-BB77-9D87BA0717A4", "versionEndExcluding": "87.0.4280.67", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 32.0.0.192 y versiones anteriores, presentan una vulnerabilidad de Omisi\u00f3n de la Pol\u00edtica del Mismo Origen. Su explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n en el contexto del usuario actual." } ], "id": "CVE-2019-8075", "lastModified": "2024-11-21T04:49:14.293", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-27T16:15:10.953", "references": [ { "source": "psirt@adobe.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://crbug.com/945997" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html" }, { "source": "psirt@adobe.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/" }, { "source": "psirt@adobe.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://crbug.com/945997" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4824" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6927", "lastModified": "2024-11-21T02:57:07.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:24.110", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-4933", "lastModified": "2024-11-21T04:07:44.363", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.213", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4275", "lastModified": "2024-11-21T02:51:46.817", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:04.403", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40421/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40421/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4135", "lastModified": "2024-11-21T02:51:27.230", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:16.607", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40087/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40087/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-12 19:15
Modified
2024-11-21 04:49
Severity ?
Summary
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201911-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201911-05 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E75FA786-EC81-44A2-9E84-7B4DE7BB3ABE", "versionEndIncluding": "32.0.0.238", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "70AC6A66-4241-4ECE-8007-C9A1F433BEA2", "versionEndIncluding": "32.0.0.238", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F50E7428-6FFC-487F-ABC4-FC04D578CE4E", "versionEndIncluding": "32.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "ACB3883B-6803-432F-B0AC-B6DE212158BA", "versionEndIncluding": "32.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 32.0.0.238 y anteriores, versi\u00f3n 32.0.0.207 y anteriores, presentan una vulnerabilidad de tipo Same Origin Method Execution. La explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual." } ], "id": "CVE-2019-8069", "lastModified": "2024-11-21T04:49:13.583", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-12T19:15:11.513", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201911-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-346" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4136", "lastModified": "2024-11-21T02:51:27.387", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:17.590", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40088/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40088/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4133", "lastModified": "2024-11-21T02:51:26.930", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:14.327", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:39
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8822.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-663 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-663 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8822." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655 y CVE-2015-8822." } ], "id": "CVE-2015-8821", "lastModified": "2024-11-21T02:39:15.830", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:09.813", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-663" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-663" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-660 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-660 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (lectura fuera de rango y corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658 y CVE-2015-8820." } ], "id": "CVE-2015-8657", "lastModified": "2024-11-21T02:38:54.590", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:06.640", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-660" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0999", "lastModified": "2024-11-21T02:42:49.127", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:20.027", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39611/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39611/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90797 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90797 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108 y CVE-2016-4110." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-4121", "lastModified": "2024-11-21T02:51:25.220", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:01.637", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90797" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory." }, { "lang": "es", "value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a usuarios locales ganar privilegios a trav\u00e9s de un recurso Troyano en un directorio no especificado." } ], "evaluatorComment": "CWE-426: Untrusted Search Path", "id": "CVE-2016-1014", "lastModified": "2024-11-21T02:45:35.813", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:30.103", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2016/Jun/39" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2016/Jun/39" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-426" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-10-15 10:55
Modified
2024-11-21 02:02
Severity ?
Summary
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
android | - | ||
opensuse | evergreen | 11.4 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 | |
suse | linux_enterprise_desktop | 11 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A2FFBD2-7CB6-4E4F-B065-F56F73DF30F1", "versionEndIncluding": "11.2.202.406", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:extended_support:*:*:*", "matchCriteriaId": "2B8850AE-3FC0-4938-BF15-CACB5F7D55D7", "versionEndIncluding": "13.0.0.244", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "88205CF4-CC22-4FD3-8DEF-ECC6100946F5", "versionEndIncluding": "15.0.0.152", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*", "matchCriteriaId": "6C531DF4-E76A-4BB1-B494-5105950F3EEF", "versionEndIncluding": "15.0.0.167", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "68E1199F-D9C9-4B1C-91DF-9E2A42DA68BC", "versionEndIncluding": "15.0.0.167", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0C179C7-81AF-404F-938F-5B230BE1E588", "versionEndIncluding": "15.0.0.167", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1E130A7-7A1A-4C97-B858-649824DF54C9", "versionEndIncluding": "15.0.0.249", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABCF26F4-738A-47BC-9264-A1CD124BEC68", "versionEndIncluding": "15.0.0.249", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "39EE3F92-86AD-44F7-A5CA-79DBDF2AA7C4", "versionEndIncluding": "15.0.0.252", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Desbordamiento de enteros en Adobe Flash Player anterior a 13.0.0.250 y 14.x y 15.x anterior a 15.0.0.189 en Windows y OS X y anterior a 11.2.202.411 en Linux, Adobe AIR anterior a 15.0.0.293, Adobe AIR SDK anterior a 15.0.0.302, y Adobe AIR SDK \u0026 Compiler anterior a 15.0.0.302 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2014-0569", "lastModified": "2024-11-21T02:02:24.900", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-10-15T10:55:06.193", "references": [ { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/61980" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/70441" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031019" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/61980" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/70441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupci\u00f3n de memoria explotable en la clase Graphics. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3074", "lastModified": "2024-11-21T03:24:46.830", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.387", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1029", "lastModified": "2024-11-21T02:45:37.953", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:43.780", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231 y CVE-2016-4248." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-4230", "lastModified": "2024-11-21T02:51:40.880", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:38.013", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40311/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40311/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992 y CVE-2016-1005." } ], "id": "CVE-2016-1002", "lastModified": "2024-11-21T02:45:34.217", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:22.870", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39608/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39608/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4241", "lastModified": "2024-11-21T02:51:42.590", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:47.857", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4242", "lastModified": "2024-11-21T02:51:42.737", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:48.750", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-6985", "lastModified": "2024-11-21T02:57:14.387", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:57.253", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979 y CVE-2016-0981." } ], "id": "CVE-2016-0980", "lastModified": "2024-11-21T02:42:46.273", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:28.157", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en la rutina de descompresi\u00f3n h264. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2990", "lastModified": "2024-11-21T03:24:35.950", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.667", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4218", "lastModified": "2024-11-21T02:51:39.140", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:26.730", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4134", "lastModified": "2024-11-21T02:51:27.077", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:15.590", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930 y CVE-2016-6931." } ], "id": "CVE-2016-6932", "lastModified": "2024-11-21T02:57:07.787", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:28.220", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4149", "lastModified": "2024-11-21T02:51:29.380", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:31.407", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-4228", "lastModified": "2024-11-21T02:51:40.600", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:36.013", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40309/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40309/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0966", "lastModified": "2024-11-21T02:42:44.173", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:13.797", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tiene una vulnerabilidad de elusi\u00f3n de seguridad en la implementaci\u00f3n en la misma pol\u00edtica de origen." } ], "id": "CVE-2016-7890", "lastModified": "2024-11-21T02:58:39.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:54.343", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94870" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4178", "lastModified": "2024-11-21T02:51:33.867", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:47.817", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91723" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-863" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0994", "lastModified": "2024-11-21T02:42:48.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:14.917", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n de memoria en la serie Action Message Format (AFM0). Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7877", "lastModified": "2024-11-21T02:58:38.467", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:41.220", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0972", "lastModified": "2024-11-21T02:42:45.080", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:20.063", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4181", "lastModified": "2024-11-21T02:51:34.320", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:50.677", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-23 17:29
Modified
2024-11-21 04:47
Severity ?
Summary
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201908-21 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-21 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF0495B7-A006-49D1-B86F-36EEB469ED09", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7D203B13-BBC0-4FF6-BE7D-D910D4CB80D7", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E04D5ACF-703C-43B4-AFE2-04DFCF91B11C", "versionEndIncluding": "32.0.0.156", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "BDBAFC30-28E6-40F2-AAFE-07C640A47D5A", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." }, { "lang": "es", "value": "Las versiones de Adobe Flash Player 32.0.0.156 y anteriores, versi\u00f3n 32.0.0.156 y anteriores, y versi\u00f3n 32.0.0.156 y anteriores, tienen una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n exitosa conllevar\u00eda a la divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2019-7108", "lastModified": "2024-11-21T04:47:35.180", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-23T17:29:00.597", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1012", "lastModified": "2024-11-21T02:45:35.533", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:28.323", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4188", "lastModified": "2024-11-21T02:51:35.360", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:57.833", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4233", "lastModified": "2024-11-21T02:51:41.337", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:40.637", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el objeto ActionScript2 TextField relacionado con la propiedad variable. Una explotaci\u00f3n exitosa puede resultar en ejecuci\u00f3n arbitraria de c\u00f3digo." } ], "id": "CVE-2017-3002", "lastModified": "2024-11-21T03:24:37.523", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.397", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores a 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162 y CVE-2016-4163." } ], "id": "CVE-2016-4160", "lastModified": "2024-11-21T02:51:31.053", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:43.030", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4238", "lastModified": "2024-11-21T02:51:42.130", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:45.187", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de escritura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-4937", "lastModified": "2024-11-21T04:07:44.890", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.387", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44529/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44529/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285 y CVE-2016-6924." } ], "id": "CVE-2016-6922", "lastModified": "2024-11-21T02:57:06.530", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:18.873", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-2057.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/93497 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1036985 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2057.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93497 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036985 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | * | |
microsoft | windows | * | |
adobe | flash_player | * | |
apple | mac_os_x | * | |
chrome_os | * | ||
linux | linux_kernel | - | |
microsoft | windows | * | |
redhat | enterprise_linux_desktop | 5.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 5.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 5.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "5ACCACAF-7BD6-4C0A-8E6A-67E13D5E341D", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes eludir restricciones destinadas al acceso a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4286", "lastModified": "2024-11-21T02:51:48.280", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:05.473", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93497" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica en la rutina del decodificador h264. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2984", "lastModified": "2024-11-21T03:24:35.220", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.527", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4143", "lastModified": "2024-11-21T02:51:28.453", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:24.967", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6929", "lastModified": "2024-11-21T02:57:07.360", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:25.047", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable relacionado con una interacci\u00f3n entre la interfaz de privacidad del usuario y el objeto ActionScript 2 Camera. Una explotaci\u00f3n exitosa puede resultar en ejecuci\u00f3n arbitraria de c\u00f3digo.." } ], "id": "CVE-2017-3003", "lastModified": "2024-11-21T03:24:37.657", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.427", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0988", "lastModified": "2024-11-21T02:42:47.453", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:08.743", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0979", "lastModified": "2024-11-21T02:42:46.140", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:27.157", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4125", "lastModified": "2024-11-21T02:51:25.773", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:06.247", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4146", "lastModified": "2024-11-21T02:51:28.920", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:28.187", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4122", "lastModified": "2024-11-21T02:51:25.357", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:02.900", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6926", "lastModified": "2024-11-21T02:57:07.080", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:23.127", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupci\u00f3n de memoria explotable en la clase BlendMode. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3069", "lastModified": "2024-11-21T03:24:46.100", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.247", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D0B7A7C-BCAE-47E5-942D-45434E6F5770", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "CDD1AB8B-529C-49C1-B7EA-28AB75C47B6F", "versionEndIncluding": "26.0.0.120", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "D4284037-6379-4D41-AFFA-CE2348981788", "versionEndIncluding": "26.0.0.120", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "C0BE88AA-85AC-41A3-B032-43BF5797A662", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad explotable de corrupci\u00f3n de memoria en el modelo de datos r\u00e1ster de Action Script 3. Una explotaci\u00f3n con \u00e9xito conllevar\u00eda a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3099", "lastModified": "2024-11-21T03:24:49.840", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:26.140", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99520" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-657 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-657 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821 y CVE-2015-8822." } ], "id": "CVE-2015-8653", "lastModified": "2024-11-21T02:38:54.090", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:01.797", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-657" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-656 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-656 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (lectura fuera de rango y corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658 y CVE-2015-8820." } ], "id": "CVE-2015-8652", "lastModified": "2024-11-21T02:38:53.950", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:00.127", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-656" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors." }, { "lang": "es", "value": "Condici\u00f3n de carrera en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4247", "lastModified": "2024-11-21T02:51:43.513", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:53.627", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91720" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-09 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC761085-74A4-496C-B221-5949B32EBB30", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "3031D75C-69D7-4706-BF72-E07A4454A5C7", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "31913F89-EB71-44A8-8AFB-E284AE191BE7", "versionEndIncluding": "29.0.0.171", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "6028F4B9-007F-4C11-968B-A63D1E2D2826", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-5001", "lastModified": "2024-11-21T04:07:53.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-09T19:29:03.703", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable relacionada con la recolecci\u00f3n de basura en la ActionScript 2 VM. Una explotaci\u00f3n exitosa puede resultar en ejecuci\u00f3n arbitraria de c\u00f3digo.." } ], "id": "CVE-2017-3001", "lastModified": "2024-11-21T03:24:37.400", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.367", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96861" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-662 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-662 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (referencia a puntero no inicializado y corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657 y CVE-2015-8820." } ], "id": "CVE-2015-8658", "lastModified": "2024-11-21T02:38:54.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:07.843", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4153", "lastModified": "2024-11-21T02:51:30.030", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:35.657", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 on Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4219", "lastModified": "2024-11-21T02:51:39.293", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:27.653", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4127", "lastModified": "2024-11-21T02:51:26.030", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:08.153", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4151", "lastModified": "2024-11-21T02:51:29.707", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:33.437", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-09 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC761085-74A4-496C-B221-5949B32EBB30", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "3031D75C-69D7-4706-BF72-E07A4454A5C7", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "31913F89-EB71-44A8-8AFB-E284AE191BE7", "versionEndIncluding": "29.0.0.171", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "6028F4B9-007F-4C11-968B-A63D1E2D2826", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de confusi\u00f3n de tipos. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual." } ], "id": "CVE-2018-4945", "lastModified": "2024-11-21T04:07:45.900", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-09T19:29:00.450", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-704" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982 y CVE-2016-0984." } ], "id": "CVE-2016-0983", "lastModified": "2024-11-21T02:42:46.690", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:31.657", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-05 21:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/94192 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2016:1423 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94192 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2016:1423 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-7020", "lastModified": "2024-11-21T02:57:18.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-05T21:59:01.257", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94192" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-29 20:29
Modified
2024-11-21 03:51
Severity ?
Summary
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/105964 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1042151 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:3644 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-44.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105964 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1042151 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3644 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-44.html | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "87A9D1DF-A1AB-42A7-B923-4782018C805D", "versionEndIncluding": "31.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "15F5D64D-EBCD-4364-93C4-18E7C27B8B2D", "versionEndIncluding": "31.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "4ADBCEBD-0D6C-43B5-BD08-D87464CDAD39", "versionEndIncluding": "31.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "32E8ADAF-9372-4F75-AECB-991446D01EB2", "versionEndIncluding": "31.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player, en versiones 31.0.0.148 y anteriores, tiene una vulnerabilidad de confusi\u00f3n de tipos. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo." } ], "id": "CVE-2018-15981", "lastModified": "2024-11-21T03:51:51.040", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-29T20:29:00.593", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105964" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042151" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3644" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042151" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-704" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-22 18:59
Modified
2024-11-21 02:39
Severity ?
Summary
Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-665 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-665 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_8.0 | * | |
microsoft | windows_8.1 | * | |
adobe | flash_player | * | |
adobe | air | * | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | * | |
microsoft | windows_8.0 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8.0:*:*:*:*:*:*:*:*", "matchCriteriaId": "461CBD40-CB18-4868-BAB4-CCBD724B9E07", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "F265782D-8CEC-4C97-83A3-86404A1C09BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la implementaci\u00f3n de objeto TextField en Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de la propiedad text manipulada, una vulnerabilidad diferente a CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821 y CVE-2015-8822." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2015-8823", "lastModified": "2024-11-21T02:39:16.100", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-22T18:59:00.110", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4132", "lastModified": "2024-11-21T02:51:26.783", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:13.450", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de confusi\u00f3n de tipo relacionada con la clase MessageChannel. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2995", "lastModified": "2024-11-21T03:24:36.650", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.823", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96191" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-23 17:29
Modified
2024-11-21 04:47
Severity ?
Summary
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201908-21 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-21 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF0495B7-A006-49D1-B86F-36EEB469ED09", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7D203B13-BBC0-4FF6-BE7D-D910D4CB80D7", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E04D5ACF-703C-43B4-AFE2-04DFCF91B11C", "versionEndIncluding": "32.0.0.156", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "BDBAFC30-28E6-40F2-AAFE-07C640A47D5A", "versionEndIncluding": "32.0.0.156", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Las versiones de Adobe Flash Player 32.0.0.156 y anteriores, 32.0.0.156 y anteriores, y 32.0.0.156 y anteriores, tienen una vulnerabilidad de uso de memoria previamente liberada (use-after-free). Su explotaci\u00f3n con \u00e9xito conllevar\u00eda a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2019-7096", "lastModified": "2024-11-21T04:47:33.310", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-23T17:29:00.283", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n de memoria en TextField class. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7892", "lastModified": "2024-11-21T02:58:40.177", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:56.313", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94877" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4131", "lastModified": "2024-11-21T02:51:26.640", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:12.417", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4276", "lastModified": "2024-11-21T02:51:46.950", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:05.497", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029 y CVE-2016-1032." } ], "id": "CVE-2016-1033", "lastModified": "2024-11-21T02:45:38.457", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:47.530", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0968", "lastModified": "2024-11-21T02:42:44.480", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:15.907", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4141", "lastModified": "2024-11-21T02:51:28.167", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:22.873", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 on Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, y CVE-2016-4246." } ], "id": "CVE-2016-4220", "lastModified": "2024-11-21T02:51:39.450", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:28.527", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1011, CVE-2016-1013, CVE-2016-1016 y CVE-2016-1017." } ], "id": "CVE-2016-1031", "lastModified": "2024-11-21T02:45:38.207", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:45.563", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4140", "lastModified": "2024-11-21T02:51:28.023", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:21.857", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n en una rutina relacionada con el apagado del reproductor. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2982", "lastModified": "2024-11-21T03:24:34.970", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.493", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0960", "lastModified": "2024-11-21T02:42:43.253", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:02.790", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4130", "lastModified": "2024-11-21T02:51:26.497", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:11.357", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4145", "lastModified": "2024-11-21T02:51:28.760", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:27.187", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:39
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8821.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-664 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-664 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8821." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655 y CVE-2015-8821." } ], "id": "CVE-2015-8822", "lastModified": "2024-11-21T02:39:15.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:10.687", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-664" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0977", "lastModified": "2024-11-21T02:42:45.847", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:25.250", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6987." } ], "id": "CVE-2016-6981", "lastModified": "2024-11-21T02:57:13.870", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:52.807", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93492" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93492" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
psirt@adobe.com | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Desbordamiento de entero en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4287", "lastModified": "2024-11-21T02:51:48.403", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:16.607", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986 y CVE-2016-6990." } ], "id": "CVE-2016-6989", "lastModified": "2024-11-21T02:57:14.887", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T20:00:03.343", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1021", "lastModified": "2024-11-21T02:45:36.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:36.043", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0995", "lastModified": "2024-11-21T02:42:48.480", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:15.900", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
psirt@adobe.com | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4271 y CVE-2016-4277." } ], "id": "CVE-2016-4278", "lastModified": "2024-11-21T02:51:47.243", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:07.920", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4150", "lastModified": "2024-11-21T02:51:29.543", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:32.437", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4182", "lastModified": "2024-11-21T02:51:34.473", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:51.613", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la clase MovieClip relacionada con la presentaci\u00f3n de objetos en m\u00faltiples niveles. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7872", "lastModified": "2024-11-21T02:58:37.833", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:36.157", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica en el c\u00f3dec de Flash Video (FLV). La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2986", "lastModified": "2024-11-21T03:24:35.460", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.587", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41423/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41423/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento de entero en la clase BitmapData. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7875", "lastModified": "2024-11-21T02:58:38.223", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:39.220", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-09 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104412 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104412 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "cisaActionDue": "2022-06-13", "cisaExploitAdd": "2022-05-23", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Stack-based Buffer Overflow Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC761085-74A4-496C-B221-5949B32EBB30", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "3031D75C-69D7-4706-BF72-E07A4454A5C7", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "31913F89-EB71-44A8-8AFB-E284AE191BE7", "versionEndIncluding": "29.0.0.171", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "6028F4B9-007F-4C11-968B-A63D1E2D2826", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de desbordamiento de b\u00fafer basado en pila. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual." } ], "id": "CVE-2018-5002", "lastModified": "2024-11-21T04:07:53.737", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-09T19:29:03.750", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104412" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104412" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983 y CVE-2016-0984." } ], "id": "CVE-2016-0974", "lastModified": "2024-11-21T02:42:45.400", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:22.047", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39463/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39463/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n en el NetConnection class al manejar un objeto de secuencia de comandos adjunto. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7879", "lastModified": "2024-11-21T02:58:38.720", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:43.330", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-619" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992 y CVE-2016-1002." } ], "id": "CVE-2016-1005", "lastModified": "2024-11-21T02:45:34.447", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:23.807", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-824" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0986", "lastModified": "2024-11-21T02:42:47.150", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:06.930", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1027", "lastModified": "2024-11-21T02:45:37.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:41.763", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4189", "lastModified": "2024-11-21T02:51:35.503", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:58.773", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91715" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91715" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en la clase Clipboard relacionada con la funcionalidad de manejo de datos. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7876", "lastModified": "2024-11-21T02:58:38.347", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:40.250", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0970", "lastModified": "2024-11-21T02:42:44.787", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:17.827", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-07-14 10:59
Modified
2024-11-21 02:32
Severity ?
Summary
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
References
Impacted products
{ "cisaActionDue": "2022-05-04", "cisaExploitAdd": "2022-04-13", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "C18E3368-8980-45D2-AD3F-5BF385ABA693", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "638F2736-01BF-4AF8-9215-C1E81B1DC9EE", "versionEndIncluding": "11.2.202.481", "versionStartIncluding": "11.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "17769E33-3CBA-475B-8CC6-263F38B548DD", "versionEndIncluding": "13.0.0.302", "versionStartIncluding": "13.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:chrome:*:*:*", "matchCriteriaId": "931AF041-F03B-4498-BD19-346DA705AA0B", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "71F9E1A3-B61E-4949-86B0-C252943072ED", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la clase BitmapData en la implementaci\u00f3n ActionScript 3 (AS3) en Adobe Flash Player 13.x hasta la versi\u00f3n 13.0.0.302 en Windows y OS X, 14.x hasta la versi\u00f3n 18.0.0.203 en Windows y OS X, 11.x hasta la versi\u00f3n 11.2.202.481 en Linux y 12.x hasta la versi\u00f3n 18.0.0.204 en instalaciones de Chrome de Linux permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de contenido Flash que anula una funci\u00f3n valueOf, seg\u00fan se ha explotado activamente en julio de 2015." } ], "id": "CVE-2015-5123", "lastModified": "2024-11-21T02:32:24.590", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2015-07-14T10:59:01.337", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/918568" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/75710" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032890" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/918568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/75710" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032890" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201508-01" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4124", "lastModified": "2024-11-21T02:51:25.643", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:05.230", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-12-13 21:29
Modified
2024-11-21 03:07
Severity ?
Summary
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/102139 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1039986 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:0081 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb17-42.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102139 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039986 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0081 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb17-42.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "41094F1E-580A-42B1-8EBD-B301172A1F3E", "versionEndIncluding": "27.0.0.187", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "B82891FB-EE85-4440-8F60-5CC8D512D85C", "versionEndIncluding": "27.0.0.187", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A87C86E3-680F-46F8-B311-9AC901D7CD5C", "versionEndIncluding": "27.0.0.187", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9724D696-B64A-4598-8771-5D49837D8E83", "versionEndIncluding": "27.0.0.187", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data." }, { "lang": "es", "value": "Una regresi\u00f3n que afecta a Adobe Flash Player en su versi\u00f3n 27.0.0.187 (y anteriores) provoca el restablecimiento accidental del archivo de preferencias de configuraciones globales cuando un usuario borra los datos del navegador." } ], "id": "CVE-2017-11305", "lastModified": "2024-11-21T03:07:31.503", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-12-13T21:29:00.230", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/102139" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039986" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0081" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/102139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en el m\u00e9todo setInterval en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de argumentos manipulados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0996", "lastModified": "2024-11-21T02:42:48.623", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:16.853", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:39
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Exploit, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-661 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-661 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (lectura fuera de rango y corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657 y CVE-2015-8658." } ], "id": "CVE-2015-8820", "lastModified": "2024-11-21T02:39:15.707", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:08.890", "references": [ { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-6986", "lastModified": "2024-11-21T02:57:14.517", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:58.307", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes eludir el mecanismo de protecci\u00f3n ASLR a trav\u00e9s de datos JIT." } ], "id": "CVE-2016-1006", "lastModified": "2024-11-21T02:45:34.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:26.387", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4240", "lastModified": "2024-11-21T02:51:42.440", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:46.937", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n de memoria en MovieClip class cuando al maneja la conversi\u00f3n a un objeto. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7881", "lastModified": "2024-11-21T02:58:38.977", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:45.377", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4244", "lastModified": "2024-11-21T02:51:43.043", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:50.517", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4180", "lastModified": "2024-11-21T02:51:34.180", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:49.770", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-0971", "lastModified": "2024-11-21T02:42:44.937", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:19.060", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39465/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39465/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n en el env\u00edo de eventos de Primetime SDK. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2994", "lastModified": "2024-11-21T03:24:36.520", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.807", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Not Applicable", "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable", "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-658 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-658 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." }, { "lang": "es", "value": "Adobe Flash Player before 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (lectura fuera de rango o corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658 y CVE-2015-8820." } ], "id": "CVE-2015-8654", "lastModified": "2024-11-21T02:38:54.220", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:03.280", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores a 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162 y CVE-2016-4163." } ], "id": "CVE-2016-4120", "lastModified": "2024-11-21T02:51:25.080", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:00.213", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4187", "lastModified": "2024-11-21T02:51:35.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:56.520", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes eludir las restricciones destinadas al acceso a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-1030", "lastModified": "2024-11-21T02:45:38.080", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:44.687", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en la clase NetConnection cuando maneja tipos de proxy. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7874", "lastModified": "2024-11-21T02:58:38.097", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:38.220", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4224.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4224." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario aprovechando una \"type confusion\" no especificada, una vulnerabilidad diferente a CVE-2016-4223 y CVE-2016-4224." } ], "id": "CVE-2016-4225", "lastModified": "2024-11-21T02:51:40.170", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:33.263", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-4222", "lastModified": "2024-11-21T02:51:39.743", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:30.277", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-07 10:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016." }, { "lang": "es", "value": "Adobe Flash Player 21.0.0.197 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, seg\u00fan se ha explotado activamente en Abril de 2016." } ], "id": "CVE-2016-1019", "lastModified": "2024-11-21T02:45:36.547", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-07T10:59:01.447", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://blogs.adobe.com/psirt/?p=1330" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85856" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035491" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://blogs.adobe.com/psirt/?p=1330" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035491" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-20 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104698 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041248 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:2175 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104698 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041248 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2175 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E0073CF-E339-47DF-B880-227D478F7A1D", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "C6B2F6AA-EAB7-45E7-B95C-57ECAB2D898D", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "28A86D02-AFBE-4891-A167-0099B68BEEEE", "versionEndIncluding": "30.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "36386F0D-D934-472B-A98D-C16534B88814", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 30.0.0.113 y anteriores, tiene una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-5008", "lastModified": "2024-11-21T04:07:54.427", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-20T19:29:02.570", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104698" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041248" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041248" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1022", "lastModified": "2024-11-21T02:45:36.970", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:37.060", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0962", "lastModified": "2024-11-21T02:42:43.543", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:05.023", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D0B7A7C-BCAE-47E5-942D-45434E6F5770", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "CDD1AB8B-529C-49C1-B7EA-28AB75C47B6F", "versionEndIncluding": "26.0.0.120", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "D4284037-6379-4D41-AFFA-CE2348981788", "versionEndIncluding": "26.0.0.120", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "C0BE88AA-85AC-41A3-B032-43BF5797A662", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure." }, { "lang": "es", "value": "Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad explotable de corrupci\u00f3n de memoria en la clase BitmapData de Action Script 2. La explotaci\u00f3n con \u00e9xito conllevar\u00eda a la divulgaci\u00f3n de direcciones de memoria." } ], "id": "CVE-2017-3100", "lastModified": "2024-11-21T03:24:49.970", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:26.203", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99523" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4147", "lastModified": "2024-11-21T02:51:29.067", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:29.107", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Uso despues de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-4173", "lastModified": "2024-11-21T02:51:33.037", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:42.817", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0998", "lastModified": "2024-11-21T02:42:48.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:18.823", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39612/" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39631/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39612/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39631/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0976", "lastModified": "2024-11-21T02:42:45.700", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:24.217", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0978", "lastModified": "2024-11-21T02:42:45.990", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:26.280", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4186", "lastModified": "2024-11-21T02:51:35.073", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:55.583", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4123", "lastModified": "2024-11-21T02:51:25.500", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:03.903", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la funci\u00f3n instanceof en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario aprovechando el tratamiento incorrecto de referencias, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983 y CVE-2016-0984." } ], "id": "CVE-2016-0975", "lastModified": "2024-11-21T02:42:45.540", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:23.030", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-160/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-160/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de uso de memoria previamente liberada. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-4932", "lastModified": "2024-11-21T04:07:44.227", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.167", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4128", "lastModified": "2024-11-21T02:51:26.170", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:09.107", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores a 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162 y CVE-2016-4163." } ], "id": "CVE-2016-4161", "lastModified": "2024-11-21T02:51:31.200", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:43.953", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-20 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104698 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041248 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:2175 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104698 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041248 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2175 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E0073CF-E339-47DF-B880-227D478F7A1D", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "C6B2F6AA-EAB7-45E7-B95C-57ECAB2D898D", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "28A86D02-AFBE-4891-A167-0099B68BEEEE", "versionEndIncluding": "30.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "36386F0D-D934-472B-A98D-C16534B88814", "versionEndIncluding": "30.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 30.0.0.113 y anteriores, tiene una vulnerabilidad de confusi\u00f3n de tipos. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-5007", "lastModified": "2024-11-21T04:07:54.307", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-20T19:29:02.523", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104698" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041248" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041248" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-704" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-24 19:29
Modified
2024-11-21 04:47
Severity ?
Summary
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | * | |
microsoft | windows_8.1 | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5767326A-B865-469F-A42F-CC921C1E1C3B", "versionEndIncluding": "32.0.0.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "BA4B75F3-7BF8-44D4-87F9-274C4A65DB77", "versionEndIncluding": "32.0.0.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "62310714-0959-4175-8D6D-B260543E9B93", "versionEndIncluding": "32.0.0.114", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "07502A5D-5764-4859-9B6B-E3E9D36BDF6A", "versionEndIncluding": "32.0.0.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Las versiones de Flash Player Desktop Runtime 32.0.0.114 y anteriores, Flash Player para versiones de Google Chrome 32.0.0.114 y anteriores, y las versiones de Flash Player para Microsoft Edge e Internet Explorer 11 32.0.0.114 y anteriores tienen una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n exitosa podr\u00eda llevar a la divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2019-7090", "lastModified": "2024-11-21T04:47:32.540", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-24T19:29:02.783", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4224 and CVE-2016-4225.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4224 and CVE-2016-4225." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario aprovechando una \"type confusion\" no especificada, una vulnerabilidad diferente a CVE-2016-4224 y CVE-2016-4225." } ], "id": "CVE-2016-4223", "lastModified": "2024-11-21T02:51:39.883", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:31.153", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-424" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-424" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6923", "lastModified": "2024-11-21T02:57:06.667", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:19.920", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0969", "lastModified": "2024-11-21T02:42:44.637", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:16.890", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1E372AA-736C-4E3B-B95F-08F0740729D6", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "A12CDEA6-D7A0-4FC8-BB0C-86BBD368CB3D", "versionEndIncluding": "26.0.0.137", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "5749101F-B883-4303-9511-D1B9F088E74A", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "D0784B39-1D26-423F-BB54-6B83F2EECF0D", "versionEndIncluding": "26.0.0.137", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect." }, { "lang": "es", "value": "Adobe Flash Player en sus versiones 26.0.0.137 y anteriores tiene una vulnerabilidad de omisi\u00f3n de seguridad que da lugar a una revelaci\u00f3n de informaci\u00f3n cuando se lleva a cabo una redirecci\u00f3n URL." } ], "id": "CVE-2017-3085", "lastModified": "2024-11-21T03:24:48.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-11T19:29:02.210", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100191" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039088" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Technical Description", "Third Party Advisory" ], "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039088" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Technical Description", "Third Party Advisory" ], "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201709-16" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-601" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1013, CVE-2016-1016, CVE-2016-1017 y CVE-2016-1031." } ], "id": "CVE-2016-1011", "lastModified": "2024-11-21T02:45:35.377", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:27.353", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39779/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39779/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4156", "lastModified": "2024-11-21T02:51:30.513", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:38.467", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:45
Severity ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-1001", "lastModified": "2024-11-21T02:45:34.060", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:21.900", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39609/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39609/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4190", "lastModified": "2024-11-21T02:51:35.650", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:59.693", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0987", "lastModified": "2024-11-21T02:42:47.297", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:07.823", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285 y CVE-2016-6922." } ], "id": "CVE-2016-6924", "lastModified": "2024-11-21T02:57:06.800", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:20.827", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario aprovechando una \"confusi\u00f3n de tipo\" no especificada." } ], "id": "CVE-2016-6992", "lastModified": "2024-11-21T02:57:15.177", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T20:00:08.577", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93488" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93488" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-2016-1019.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified \"type confusion,\" a different vulnerability than CVE-2016-1019." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario sobrescribiendo las propiedades de objeto NetConnection para aprovechar una \"confusi\u00f3n de tipo\" no especificada, una vulnerabilidad diferente a CVE-2016-1019." } ], "id": "CVE-2016-1015", "lastModified": "2024-11-21T02:45:35.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:31.073", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de entero relacionada con Flash Broker COM. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2987", "lastModified": "2024-11-21T03:24:35.587", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.620", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96194" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4283", "lastModified": "2024-11-21T02:51:47.897", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:13.733", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4235", "lastModified": "2024-11-21T02:51:41.627", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:42.387", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4217", "lastModified": "2024-11-21T02:51:38.993", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:25.870", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4284", "lastModified": "2024-11-21T02:51:48.023", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:14.750", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1011, CVE-2016-1016, CVE-2016-1017 y CVE-2016-1031." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-1013", "lastModified": "2024-11-21T02:45:35.670", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:29.213", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39778/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39778/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230 y CVE-2016-4231." } ], "id": "CVE-2016-4248", "lastModified": "2024-11-21T02:51:43.660", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:54.687", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029 y CVE-2016-1033." } ], "id": "CVE-2016-1032", "lastModified": "2024-11-21T02:45:38.327", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:46.563", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de Codificaci\u00f3n de V\u00eddeo Avanzada. La explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3068", "lastModified": "2024-11-21T03:24:45.967", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.200", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/42017/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/42017/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4184", "lastModified": "2024-11-21T02:51:34.787", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:53.770", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930 y CVE-2016-6932." } ], "id": "CVE-2016-6931", "lastModified": "2024-11-21T02:57:07.630", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:26.970", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4172", "lastModified": "2024-11-21T02:51:32.830", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:41.533", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4155", "lastModified": "2024-11-21T02:51:30.350", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:37.563", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4179", "lastModified": "2024-11-21T02:51:34.017", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:48.770", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40102/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40102/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4142", "lastModified": "2024-11-21T02:51:28.310", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:23.793", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-08-29 13:29
Modified
2024-11-21 03:45
Severity ?
Summary
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/105066 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041448 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:2435 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-25.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105066 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041448 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2435 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-25.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DC58E15-92D4-49D5-83B6-662CD26A9DBF", "versionEndIncluding": "30.0.0.154", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AB14B614-3CE9-4135-B321-03994AA6DABB", "versionEndIncluding": "30.0.0.154", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "B589DCE5-9EDF-4B55-BCA8-124C21AC7A46", "versionEndIncluding": "30.0.0.154", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "F818E7DE-D510-46FF-A43A-F323BE63FE07", "versionEndIncluding": "30.0.0.154", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-12824", "lastModified": "2024-11-21T03:45:53.637", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-08-29T13:29:00.997", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105066" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041448" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2435" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad Primetime TVSDK API relacionada con interacciones de la l\u00ednea del tiempo. Una explotaci\u00f3n exitosa podr\u00eda resultar en ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2998", "lastModified": "2024-11-21T03:24:37.020", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.257", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230 y CVE-2016-4248." } ], "id": "CVE-2016-4231", "lastModified": "2024-11-21T02:51:41.027", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:38.873", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40356/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40356/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0990", "lastModified": "2024-11-21T02:42:47.750", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:10.977", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D0B7A7C-BCAE-47E5-942D-45434E6F5770", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "CDD1AB8B-529C-49C1-B7EA-28AB75C47B6F", "versionEndIncluding": "26.0.0.120", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "D4284037-6379-4D41-AFFA-CE2348981788", "versionEndIncluding": "26.0.0.120", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "C0BE88AA-85AC-41A3-B032-43BF5797A662", "versionEndIncluding": "26.0.0.131", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad de omisi\u00f3n de seguridad relacionada con la API Flash utilizada por Internet Explorer. Una explotaci\u00f3n con \u00e9xito conllevar\u00eda a la divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2017-3080", "lastModified": "2024-11-21T03:24:47.597", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:26.110", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99519" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1020", "lastModified": "2024-11-21T02:45:36.700", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:35.183", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0961", "lastModified": "2024-11-21T02:42:43.403", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:03.773", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n relacionado con controladores de eventos. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2993", "lastModified": "2024-11-21T03:24:36.320", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.760", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "cisaActionDue": "2022-06-15", "cisaExploitAdd": "2022-05-25", "cisaRequiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982 y CVE-2016-0983." } ], "id": "CVE-2016-0984", "lastModified": "2024-11-21T02:42:46.840", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:32.563", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39462/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39462/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010." }, { "lang": "es", "value": "Desbordamiento de entero en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0963 y CVE-2016-1010." } ], "id": "CVE-2016-0993", "lastModified": "2024-11-21T02:42:48.200", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:13.743", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-22 19:29
Modified
2024-11-21 04:48
Severity ?
Summary
Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/108312 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2019:1234 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb19-26.html | Vendor Advisory | |
psirt@adobe.com | https://www.zerodayinitiative.com/advisories/ZDI-19-498/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108312 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1234 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb19-26.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-19-498/ | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D3DE96E-616F-42C0-863D-A64075FCD71E", "versionEndIncluding": "32.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "BE616D48-27F4-44A6-AC20-8C1B05C8D3FB", "versionEndIncluding": "32.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6CE7382F-6EA8-46FF-B1C3-D598EB4E5F25", "versionEndIncluding": "32.0.0.171", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "F6BC265A-4089-4038-83F4-6955A022E092", "versionEndIncluding": "32.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versiones 32.0.0.171 y anteriores, versiones 32.0.0.171 y anteriores, y versiones 32.0.0.171 y anteriores, tienen una vulnerabilidad de uso de memoria despu\u00e9s de liberada. Su explotaci\u00f3n exitosa podr\u00eda llevar a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2019-7837", "lastModified": "2024-11-21T04:48:49.977", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-22T19:29:00.767", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/108312" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1234" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/108312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1234" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4144", "lastModified": "2024-11-21T02:51:28.610", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:26.123", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a \"local-with-filesystem Flash sandbox bypass\" issue." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y SO X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4277 y CVE-2016-4278, vulnerabilidad tambi\u00e9n conocida como un problema \"local-with-filesystem Flash sandbox bypass\"." } ], "id": "CVE-2016-4271", "lastModified": "2024-11-21T02:51:46.240", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:00.153", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link", "Technical Description", "Third Party Advisory" ], "url": "http://lab.truel.it/flash-sandbox-bypass/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Technical Description", "Third Party Advisory" ], "url": "http://lab.truel.it/flash-sandbox-bypass/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-4273", "lastModified": "2024-11-21T02:51:46.550", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:04.483", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40510/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40510/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la implementaci\u00f3n del objeto Transform en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de una llamada de retorno flash.geom.Matrix, una vulnerabilidad diferente a CVE-2016-1011, CVE-2016-1013, CVE-2016-1017 y CVE-2016-1031." } ], "id": "CVE-2016-1016", "lastModified": "2024-11-21T02:45:36.110", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:31.980", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4138", "lastModified": "2024-11-21T02:51:27.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:19.467", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40090/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40090/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4285", "lastModified": "2024-11-21T02:51:48.160", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:15.670", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4152", "lastModified": "2024-11-21T02:51:29.870", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:34.420", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6930", "lastModified": "2024-11-21T02:57:07.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:26.063", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4234", "lastModified": "2024-11-21T02:51:41.480", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:41.547", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-6983", "lastModified": "2024-11-21T02:57:14.120", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:54.843", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6921", "lastModified": "2024-11-21T02:57:06.383", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:17.593", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1023", "lastModified": "2024-11-21T02:45:37.110", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:37.903", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-659 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84160 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-659 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (lectura fuera de rango y corrupci\u00f3n de memoria) a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658 y CVE-2015-8820." } ], "id": "CVE-2015-8656", "lastModified": "2024-11-21T02:38:54.470", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:05.390", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de desbordamiento/vaciado de b\u00fafer explotable en el Primetime TVSDK que permite personalizar la informaci\u00f3n del anuncio. Una explotaci\u00f3n exitosa puede resultar en ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2997", "lastModified": "2024-11-21T03:24:36.903", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.223", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96860" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96860" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4221", "lastModified": "2024-11-21T02:51:39.600", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:29.387", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de lectura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-4934", "lastModified": "2024-11-21T04:07:44.500", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.260", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44528/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44528/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de b\u00fafer en la clase RegExp relacionada con la alteraci\u00f3n de la funcionalidad. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7868", "lastModified": "2024-11-21T02:58:37.333", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:32.190", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en el c\u00f3dec h264 (relacionado con la descompresi\u00f3n). La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2991", "lastModified": "2024-11-21T03:24:36.073", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.697", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0989", "lastModified": "2024-11-21T02:42:47.613", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:09.963", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n en la clase ActionScript 3 BitmapData. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2985", "lastModified": "2024-11-21T03:24:35.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.557", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41422/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96199" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41422/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986 y CVE-2016-6989." } ], "id": "CVE-2016-6990", "lastModified": "2024-11-21T02:57:15.040", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T20:00:05.767", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria de pila) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4177." } ], "id": "CVE-2016-4176", "lastModified": "2024-11-21T02:51:33.540", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:45.630", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91721" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40105/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40105/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4274", "lastModified": "2024-11-21T02:51:46.680", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:03.217", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria de pila) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4176." } ], "id": "CVE-2016-4177", "lastModified": "2024-11-21T02:51:33.697", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:46.597", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91721" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40104/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40104/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de b\u00fafer en la clase RegExp relacionada con la funcionalidad de b\u00fasqueda backtrack. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7869", "lastModified": "2024-11-21T02:58:37.457", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:33.313", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6981." } ], "id": "CVE-2016-6987", "lastModified": "2024-11-21T02:57:14.647", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:59.503", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93492" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93492" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes obtener informaci\u00f3n sensible del proceso de memoria a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4232", "lastModified": "2024-11-21T02:51:41.183", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:39.733", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91724" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40355/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91724" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40355/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-401" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4239", "lastModified": "2024-11-21T02:51:42.293", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:46.077", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2016-4249", "lastModified": "2024-11-21T02:51:43.817", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:55.593", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91722" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4236", "lastModified": "2024-11-21T02:51:41.773", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:43.483", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4175", "lastModified": "2024-11-21T02:51:33.387", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:44.770", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40103/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40103/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en la clase PSDK relacionada con el m\u00e9todo de a\u00f1adir una funcionalidad de pol\u00edtica. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7873", "lastModified": "2024-11-21T02:58:37.973", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:37.097", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4282", "lastModified": "2024-11-21T02:51:47.773", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:12.310", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999 y CVE-2016-1000." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-0991", "lastModified": "2024-11-21T02:42:47.903", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:11.900", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010." }, { "lang": "es", "value": "Desbordamiento de enteros en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0993 y CVE-2016-1010." } ], "id": "CVE-2016-0963", "lastModified": "2024-11-21T02:42:43.690", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:05.993", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-10-15 10:55
Modified
2024-11-21 02:02
Severity ?
Summary
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | macos | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
android | - | ||
opensuse | evergreen | 11.4 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 | |
suse | linux_enterprise_desktop | 11 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A2FFBD2-7CB6-4E4F-B065-F56F73DF30F1", "versionEndIncluding": "11.2.202.406", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:extended_support:*:*:*", "matchCriteriaId": "2B8850AE-3FC0-4938-BF15-CACB5F7D55D7", "versionEndIncluding": "13.0.0.244", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "88205CF4-CC22-4FD3-8DEF-ECC6100946F5", "versionEndIncluding": "15.0.0.152", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*", "matchCriteriaId": "6C531DF4-E76A-4BB1-B494-5105950F3EEF", "versionEndIncluding": "15.0.0.167", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "68E1199F-D9C9-4B1C-91DF-9E2A42DA68BC", "versionEndIncluding": "15.0.0.167", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0C179C7-81AF-404F-938F-5B230BE1E588", "versionEndIncluding": "15.0.0.167", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1E130A7-7A1A-4C97-B858-649824DF54C9", "versionEndIncluding": "15.0.0.249", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABCF26F4-738A-47BC-9264-A1CD124BEC68", "versionEndIncluding": "15.0.0.249", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "39EE3F92-86AD-44F7-A5CA-79DBDF2AA7C4", "versionEndIncluding": "15.0.0.252", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558." }, { "lang": "es", "value": "Adobe Flash Player anterior a 13.0.0.250 y 14.x y 15.x anterior a 15.0.0.189 en Windows y OS X y anterior a 11.2.202.411 en Linux, Adobe AIR anterior a 15.0.0.293, Adobe AIR SDK anterior a 15.0.0.302, y Adobe AIR SDK \u0026 Compiler anterior a 15.0.0.302 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0558." } ], "id": "CVE-2014-0564", "lastModified": "2024-11-21T02:02:24.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-10-15T10:55:06.130", "references": [ { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/61980" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/61980" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031019" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-12 19:15
Modified
2024-11-21 04:49
Severity ?
Summary
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201911-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201911-05 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E75FA786-EC81-44A2-9E84-7B4DE7BB3ABE", "versionEndIncluding": "32.0.0.238", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "70AC6A66-4241-4ECE-8007-C9A1F433BEA2", "versionEndIncluding": "32.0.0.238", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F50E7428-6FFC-487F-ABC4-FC04D578CE4E", "versionEndIncluding": "32.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "ACB3883B-6803-432F-B0AC-B6DE212158BA", "versionEndIncluding": "32.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 32.0.0.238 y anteriores, versi\u00f3n 32.0.0.207 y anteriores, presentan una vulnerabilidad de uso de la memoria previamente liberada. La explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual." } ], "id": "CVE-2019-8070", "lastModified": "2024-11-21T04:49:13.720", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-12T19:15:11.577", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201911-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1028", "lastModified": "2024-11-21T02:45:37.830", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:42.593", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
psirt@adobe.com | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1865.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036791 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201610-10 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4271 y CVE-2016-4278." } ], "id": "CVE-2016-4277", "lastModified": "2024-11-21T02:51:47.077", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:06.637", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en la clase Worker. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7871", "lastModified": "2024-11-21T02:58:37.707", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:35.237", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/103383 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1040509 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:0520 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103383 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040509 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0520 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD85F7DC-D1AF-403E-9162-CC770A906D52", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7C316A03-F2B1-4F5E-A34F-18583D27CACC", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7E1828C0-D5EA-4D4E-90E4-FB0D49369FCE", "versionEndIncluding": "28.0.0.161", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "204A0446-C7BB-4B26-80E4-CF18E07324DC", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 28.0.0.161 y anteriores, tiene una vulnerabilidad explotable de confusi\u00f3n de tipos. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-4920", "lastModified": "2024-11-21T04:07:42.870", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:00.697", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103383" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n de memoria cuando establece la propiedad de longitud de un objeto de array. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7880", "lastModified": "2024-11-21T02:58:38.850", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:44.313", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-04 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-15-655 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84162 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-655 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air | * | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A02328C4-D810-4774-8F28-2B5FB6C7CDB5", "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "60921187-5894-4500-A822-02986DC497C9", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "40DB16C2-C074-4BA5-BAC3-7BF751724E01", "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "9A6F84D7-62F0-45C0-962B-5EC8946B67AA", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "82EBB50D-BFC5-4165-A673-D98BD23C79C8", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C5C96375-3919-417F-ADDC-657F3676EF91", "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BADDF83B-C087-49E8-A628-171106018227", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A1DBA3-8B4E-4832-8D39-6490CD99FE6B", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C30B2BE-C291-495C-B7A8-A27492BE7177", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "044936DC-41A9-407F-BE64-B0D6FD7F501E", "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821, and CVE-2015-8822." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.268 y 19.x y 20.x en versiones anteriores a 20.0.0.228 en Windows y OS X y en versiones anteriores a 11.2.202.554 en Linux, Adobe AIR en versiones anteriores a 20.0.0.204, Adobe AIR SDK en versiones anteriores a 20.0.0.204 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.204 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos MPEG-4 manipulados, una vulnerabilidad diferente a CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821 y CVE-2015-8822." } ], "id": "CVE-2015-8655", "lastModified": "2024-11-21T02:38:54.340", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-04T23:59:04.390", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-655" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-655" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-4227", "lastModified": "2024-11-21T02:51:40.450", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:34.980", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40307/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40307/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica (heap). Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-4936", "lastModified": "2024-11-21T04:07:44.760", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.337", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44526/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44526/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1025", "lastModified": "2024-11-21T02:45:37.383", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:39.733", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5278C46-1C86-41FF-AE07-FB960DDA5251", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "EE872A2B-4118-419A-8B2A-1486BFE1F48A", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7531B60E-06FF-4F9C-90E0-71B8637D5CF0", "versionEndIncluding": "29.0.0.113", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C58710D1-1B89-494D-8675-68A93C0ACD37", "versionEndIncluding": "29.0.0.113", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de escritura fuera de l\u00edmites. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-4935", "lastModified": "2024-11-21T04:07:44.623", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:01.307", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44527/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44527/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4148", "lastModified": "2024-11-21T02:51:29.220", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:30.437", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad en el generador de n\u00fameros aleatorios utilizado para el cegamiento constante. Una explotaci\u00f3n exitosa podr\u00eda resultar en divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2017-3000", "lastModified": "2024-11-21T03:24:37.277", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.333", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96862" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4137", "lastModified": "2024-11-21T02:51:27.550", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:18.480", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40089/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40089/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-14 16:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "6F017128-1329-4EA4-9E6F-EFC279D1A296", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "68A43DA8-9EE3-4423-9E01-7AEE3DD378DD", "versionEndIncluding": "24.0.0.221", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "C5EFFCBC-AB30-47D8-ACC5-91FDB5F733C6", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F98B2-B74E-4F12-9415-F0B94035F273", "versionEndIncluding": "24.0.0.221", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad Primetime TVSDK relacionada con alojamiento de la superficie de reproducci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda resultar en ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2999", "lastModified": "2024-11-21T03:24:37.147", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-14T16:59:00.287", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96866" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201703-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permiten a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-4272", "lastModified": "2024-11-21T02:51:46.413", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:01.560", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupci\u00f3n de memoria explotable en la clase ConvolutionFilter. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3070", "lastModified": "2024-11-21T03:24:46.240", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.260", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244 y CVE-2016-4245." } ], "id": "CVE-2016-4246", "lastModified": "2024-11-21T02:51:43.367", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:52.360", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4280", "lastModified": "2024-11-21T02:51:47.517", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:10.200", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-09-25 13:29
Modified
2024-11-21 03:51
Severity ?
Summary
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/105315 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041620 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:2707 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-31.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105315 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041620 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2707 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-31.html | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "26F96710-32AF-40B9-B8EF-11CC1F9D062D", "versionEndIncluding": "31.0.0.108", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "A74D0782-4309-4077-A69E-1E21032CDAAB", "versionEndIncluding": "31.0.0.108", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "CA458648-6E1D-45CE-B3B2-0823C3E138BE", "versionEndIncluding": "31.0.0.108", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "DC97709A-47EF-4A3A-9BDE-AB2F08DAC467", "versionEndIncluding": "31.0.0.108", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 30.0.0.154 y anteriores, tiene una vulnerabilidad de escalado de privilegios. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-15967", "lastModified": "2024-11-21T03:51:49.500", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-25T13:29:02.097", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105315" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041620" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2707" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105315" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922 y CVE-2016-6924." } ], "id": "CVE-2016-4281", "lastModified": "2024-11-21T02:51:47.647", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:11.217", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1024", "lastModified": "2024-11-21T02:45:37.240", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:38.840", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en Primetime SDK. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2996", "lastModified": "2024-11-21T03:24:36.777", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.853", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK\u0027s MediaPlayer class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso despu\u00e9s de liberaci\u00f3n de memoria en el PSDK\u0027s MediaPlayer class. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7878", "lastModified": "2024-11-21T02:58:38.593", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:42.237", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0967", "lastModified": "2024-11-21T02:42:44.327", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:14.827", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39466/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39466/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979 y CVE-2016-0980." } ], "id": "CVE-2016-0981", "lastModified": "2024-11-21T02:42:46.423", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:29.547", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de b\u00fafer en la clase RegExp para estrategias de b\u00fasqueda espec\u00edficas. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7870", "lastModified": "2024-11-21T02:58:37.580", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:34.297", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data." }, { "lang": "es", "value": "Desbordamiento de buffer basado en pila en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos JPEG-XR manipulados." } ], "id": "CVE-2016-1018", "lastModified": "2024-11-21T02:45:36.407", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:34.277", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:45
Severity ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "cisaActionDue": "2022-06-15", "cisaExploitAdd": "2022-05-25", "cisaRequiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player and AIR Integer Overflow Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993." }, { "lang": "es", "value": "Desbordamiento de enteros en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0963 y CVE-2016-0993." } ], "id": "CVE-2016-1010", "lastModified": "2024-11-21T02:45:35.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:25.090", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabilidad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4166", "lastModified": "2024-11-21T02:51:31.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:49.047", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "AC8E6823-74A6-4013-8719-3AECCD82E528", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "44F8E3B1-C71C-4402-B58C-B6AEA1F9D123", "versionEndIncluding": "23.0.0.162", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "FF98FA22-5DF9-4408-946F-14F23F83B397", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0C7D71FC-0E0F-40CF-B6D1-ED900D0E1D1E", "versionEndIncluding": "18.0.0.375", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "9354C77F-09CA-4B4A-9775-54E5B78B045C", "versionEndIncluding": "23.0.0.162", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*", "matchCriteriaId": "8783B83A-0C8C-495E-BD14-C0857D9FB29D", "versionEndIncluding": "11.2.202.635", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990." } ], "id": "CVE-2016-6982", "lastModified": "2024-11-21T02:57:13.993", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-13T19:59:53.850", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036985" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4225.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4225." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario aprovechando una \"type confusion\" no especificada, una vulnerabilidad diferente a CVE-2016-4223 y CVE-2016-4225." } ], "id": "CVE-2016-4224", "lastModified": "2024-11-21T02:51:40.027", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:32.120", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-428" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de uso de la memoria previamente liberada explotable al manejar varias propiedades de m\u00e1scara de objetos de visualizaci\u00f3n, tambi\u00e9n se conoce como corrupci\u00f3n de memoria. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3073", "lastModified": "2024-11-21T03:24:46.640", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.370", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002 y CVE-2016-1005." } ], "id": "CVE-2016-0992", "lastModified": "2024-11-21T02:42:48.047", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:12.823", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-4279", "lastModified": "2024-11-21T02:51:47.390", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:09.263", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "B1E62C9B-698D-4B21-B513-11F59AC95187", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EC5FACD-13BC-44E3-8EE1-032CE02760DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "matchCriteriaId": "5F2558DF-2D1F-46BA-ABF1-08522D33268E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4139", "lastModified": "2024-11-21T02:51:27.863", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:20.840", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4237", "lastModified": "2024-11-21T02:51:41.930", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:44.343", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica cuando se analiza una cabecera MP4. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2992", "lastModified": "2024-11-21T03:24:36.200", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.727", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41420/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96193" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41420/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-03-12 15:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | air | * | |
android | - | ||
adobe | air_sdk | * | |
samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7DB17574-F635-4CD2-97CD-92802EB88D83", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "026FF3B7-3C8D-42CA-AA19-678245A98619", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "00014504-21F2-4868-A17F-2B46E8F5D4B2", "versionEndIncluding": "20.0.0.260", "vulnerable": true }, { "criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE45C4DB-E4D8-4AF7-9F13-963C62121EFF", "versionEndIncluding": "11.2.202.569", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "759CBC1F-B487-4562-9846-73B9D5DB2278", "versionEndIncluding": "20.2.2.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "AA526566-68B7-44D8-9886-41EE8E6C328B", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "56042C70-3EDA-47F9-AF4E-585659142AF7", "versionEndIncluding": "20.0.0.306", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FC6A7D-B68A-45D6-8AAA-97B0D88DA0A5", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "602FF6D7-8811-443C-83F3-1306965872D7", "versionEndIncluding": "20.0.0.260", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.333 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.182 en Windows y OS X y en versiones anteriores a 11.2.202.577 en Linux, Adobe AIR en versiones anteriores a 21.0.0.176, Adobe AIR SDK en versiones anteriores a 21.0.0.176 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 21.0.0.176 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998 y CVE-2016-0999." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-1000", "lastModified": "2024-11-21T02:45:33.897", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-03-12T15:59:21.027", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1582.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1583.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39610/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1582.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1583.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/84312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39610/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-4229", "lastModified": "2024-11-21T02:51:40.743", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:36.967", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40310/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40310/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983 y CVE-2016-0984." } ], "id": "CVE-2016-0982", "lastModified": "2024-11-21T02:42:46.553", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:30.530", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-12-15 06:59
Modified
2024-11-21 02:58
Severity ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF0D14A5-39E1-4882-BB01-CEA5792A12A1", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C9A6CB65-9F7A-4F32-BC34-F83524B7199C", "versionEndIncluding": "23.0.0.207", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "53F56649-F6A7-4CDE-B93C-5F7CB5986CB6", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E36B0E89-5095-47A8-BF0F-68A9C37B356E", "versionEndIncluding": "23.0.0.207", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5B4F5E-0C58-42AD-8474-2FC6FAE237AB", "versionEndIncluding": "11.2.202.644", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player versi\u00f3n 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de b\u00fafer en la clase RegExp relacionada con marcadores en b\u00fasquedas. Una explotaci\u00f3n exitosa puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2016-7867", "lastModified": "2024-11-21T02:58:37.187", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-15T06:59:30.940", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/94871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-17" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores a 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161 y CVE-2016-4162." } ], "id": "CVE-2016-4163", "lastModified": "2024-11-21T02:51:31.510", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:46.250", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4154", "lastModified": "2024-11-21T02:51:30.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:36.640", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244 y CVE-2016-4246." } ], "id": "CVE-2016-4245", "lastModified": "2024-11-21T02:51:43.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:51.360", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-07-09 19:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104413 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041058 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1827 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201806-02 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC761085-74A4-496C-B221-5949B32EBB30", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "3031D75C-69D7-4706-BF72-E07A4454A5C7", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "31913F89-EB71-44A8-8AFB-E284AE191BE7", "versionEndIncluding": "29.0.0.171", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "6028F4B9-007F-4C11-968B-A63D1E2D2826", "versionEndIncluding": "29.0.0.171", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure." }, { "lang": "es", "value": "Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de desbordamiento de enteros. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-5000", "lastModified": "2024-11-21T04:07:53.507", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-09T19:29:03.670", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201806-02" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-07-14 10:59
Modified
2024-11-21 02:32
Severity ?
Summary
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
References
Impacted products
{ "cisaActionDue": "2022-05-04", "cisaExploitAdd": "2022-04-13", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "17769E33-3CBA-475B-8CC6-263F38B548DD", "versionEndIncluding": "13.0.0.302", "versionStartIncluding": "13.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "31C75D4E-31EC-4889-8DAF-559B9FECBBB7", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "71F9E1A3-B61E-4949-86B0-C252943072ED", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "F160BA87-34AD-4E34-8605-EDE5048CF618", "versionEndIncluding": "18.0.0.204", "versionStartIncluding": "18.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*", "matchCriteriaId": "672576D9-06C2-4564-9853-7E6991E30710", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "E72C2D81-2088-482F-9BD3-D11A205D53CD", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "638F2736-01BF-4AF8-9215-C1E81B1DC9EE", "versionEndIncluding": "11.2.202.481", "versionStartIncluding": "11.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "C18E3368-8980-45D2-AD3F-5BF385ABA693", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n descubierta en la implementaci\u00f3n de la clase DisplayObject en el ActionScript (AS3) en Adobe Flash Player 13.x hasta 13.0.0.302 en Windows y en OS X, 14.x hasta 18.0.0.203 en Windows y en OS X, 11.x hasta 11.2.202.481 en Linux, y en 12.x hasta 18.0.0.204 en las intalaciones de Google Chorme en Linux permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) hasta contenido Flash manipulado que aprovecha el manejo inadecuado de la propiedad opaqueBackground, tal y como fue utilizado activamente en julio de 2015." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\" rel=\"nofollow\"\u003eCWE-416: Use After Free\u003c/a\u003e", "id": "CVE-2015-5122", "lastModified": "2024-11-21T02:32:24.423", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2015-07-14T10:59:00.213", "references": [ { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "source": "psirt@adobe.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/338736" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/75712" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032890" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://perception-point.io/new/breaking-cfi.php" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/37599/" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/338736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/75712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032890" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://perception-point.io/new/breaking-cfi.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/37599/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario aprovechando una \"confusi\u00f3n de tipo\" no especificada." } ], "id": "CVE-2016-0985", "lastModified": "2024-11-21T02:42:46.997", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:33.517", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39461/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39461/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la funci\u00f3n LoadVars.decode en Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1011, CVE-2016-1013, CVE-2016-1016 y CVE-2016-1031." } ], "id": "CVE-2016-1017", "lastModified": "2024-11-21T02:45:36.270", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:32.903", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "72027AB8-CD81-4DC3-9898-F4CE2BAE309A", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "DB881360-123D-413E-88F3-C402DD92D1D1", "versionEndIncluding": "24.0.0.194", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "A2E601B7-FB5B-4B6B-8AC3-1B7503D3DBEB", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAA0C4E6-7324-424C-A7C8-DEE39551A847", "versionEndIncluding": "24.0.0.194", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria cuando se realiza la recolecci\u00f3n de elementos no utilizados. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-2988", "lastModified": "2024-11-21T03:24:35.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-15T06:59:00.637", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41421/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/96190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/41421/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-06-12 14:15
Modified
2024-11-21 05:41
Severity ?
Summary
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb20-30.html | Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/202006-09 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb20-30.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-09 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | * | |
microsoft | windows_8.1 | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C63292D-C07C-4532-BF29-3D294BF50887", "versionEndIncluding": "32.0.0.371", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "039A7D78-45CE-47BF-AEC8-884087EE6E45", "versionEndIncluding": "32.0.0.371", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "C0D84695-05A2-4DA6-95D0-852538E33EDC", "versionEndIncluding": "32.0.0.330", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "C77C42BD-FD48-4119-AE5D-C6510B1AF32D", "versionEndIncluding": "32.0.0.330", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player Desktop Runtime versiones 32.0.0.371 y anteriores, Adobe Flash Player para Google Chrome versiones 32.0.0.371 y anteriores, y Adobe Flash Player para Microsoft Edge y Internet Explorer versiones 32.0.0.330 y anteriores presentan una vulnerabilidad de un uso de la memoria previamente liberada. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitraria" } ], "id": "CVE-2020-9633", "lastModified": "2024-11-21T05:41:00.097", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-06-12T14:15:11.450", "references": [ { "source": "psirt@adobe.com", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202006-09" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202006-09" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "evaluatorComment": "CWE-416: Use After Free", "id": "CVE-2016-4174", "lastModified": "2024-11-21T02:51:33.227", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:43.770", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231 y CVE-2016-4248." } ], "id": "CVE-2016-4226", "lastModified": "2024-11-21T02:51:40.310", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:34.120", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40308/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/40308/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-19 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://www.securityfocus.com/bid/103385 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | http://www.securitytracker.com/id/1040509 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://access.redhat.com/errata/RHSA-2018:0520 | Third Party Advisory | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103385 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040509 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0520 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD85F7DC-D1AF-403E-9162-CC770A906D52", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7C316A03-F2B1-4F5E-A34F-18583D27CACC", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7E1828C0-D5EA-4D4E-90E4-FB0D49369FCE", "versionEndIncluding": "28.0.0.161", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "204A0446-C7BB-4B26-80E4-CF18E07324DC", "versionEndIncluding": "28.0.0.161", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." }, { "lang": "es", "value": "Adobe Flash Player, en versiones 28.0.0.161 y anteriores, tiene una vulnerabilidad explotable de uso de memoria previamente liberada. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo en el contexto del usuario actual." } ], "id": "CVE-2018-4919", "lastModified": "2024-11-21T04:07:42.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-19T17:29:00.650", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103385" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040509" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/103385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupci\u00f3n de memoria explotable en la clase BitmapData. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3072", "lastModified": "2024-11-21T03:24:46.503", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.323", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4243", "lastModified": "2024-11-21T02:51:42.893", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T02:00:49.657", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201607-03" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-10-22 19:29
Modified
2024-11-21 03:07
Severity ?
Summary
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Type Confusion Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE22B5D8-0B12-4058-A369-AC20E57630B6", "versionEndIncluding": "27.0.0.159", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "B06EC24D-217E-4362-90A6-F07C03765797", "versionEndIncluding": "27.0.0.130", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0C270BC4-E41E-4DBE-B2CC-22A6626F7C56", "versionEndIncluding": "27.0.0.130", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "31607166-57B0-4CA2-A05A-DF30F0A70EB8", "versionEndIncluding": "27.0.0.159", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Adobe Flash Player en sus versiones 27.0.0.159 y anteriores tiene un procedimiento de verificaci\u00f3n de c\u00f3digo de bytes con errores, lo que permite que un valor que no es de confianza se emplee en el c\u00e1lculo de un \u00edndice de arrays. Esto puede llevar a una confusi\u00f3n de tipos, y la explotaci\u00f3n con \u00e9xito podr\u00eda desembocar en la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2017-11292", "lastModified": "2024-11-21T03:07:29.570", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-10-22T19:29:00.237", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/101286" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039582" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2899" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201710-22" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/101286" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201710-22" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-843" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-04-09 01:59
Modified
2024-11-21 02:45
Severity ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB40E98-5A3C-4D4E-BF35-66D8490D6B96", "versionEndIncluding": "11.2.202.577", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAB15A84-C6CE-4B87-B058-1ACAF56D96A5", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "68F6E54E-28D2-460A-9167-8BD0D3283E26", "versionEndIncluding": "18.0.0.333", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "0303DA1C-3C95-4E68-B654-579A302FDF62", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "9B384454-A4B4-4E57-8B0C-2B7BB8DCC545", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "7B5CCFA5-1620-4BC0-ABC3-10F6CFC2D7FB", "versionEndIncluding": "21.0.0.197", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C86F836-BD68-4B24-87F0-536D61670256", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4F71D-DA29-43C6-B71F-26F0E1E82619", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1EBEC22-8E22-47A6-B3F9-2D577AFE5FA1", "versionEndIncluding": "21.0.0.176", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.343 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.213 en Windows y OS X y en versiones anteriores a 11.2.202.616 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente de CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032 y CVE-2016-1033." } ], "id": "CVE-2016-1026", "lastModified": "2024-11-21T02:45:37.523", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-09T01:59:40.843", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/85932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4185", "lastModified": "2024-11-21T02:51:34.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:54.660", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permiten a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980 y CVE-2016-0981." } ], "id": "CVE-2016-0964", "lastModified": "2024-11-21T02:42:43.840", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:11.873", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "psirt@adobe.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39467/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/39467/" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC2F8B78-73CC-44EC-BACF-A2878252992B", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "363B5A6C-BEE3-4141-8CDD-C1EA06FAD441", "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "80E80DEC-4724-49F4-BD19-4687A83CA56E", "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E51D60E3-00C6-459E-B2B9-CA7E25D02FDA", "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "AEBB9124-E2D5-435E-A59A-9B250374ABD6", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "39AF0D5D-0C43-4290-B815-19DB07A2FC1A", "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librer\u00edas Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083." } ], "id": "CVE-2016-4129", "lastModified": "2024-11-21T02:51:26.347", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:10.433", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
linux | linux_kernel | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5", "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230", "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800", "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909", "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245 y CVE-2016-4246." } ], "id": "CVE-2016-4183", "lastModified": "2024-11-21T02:51:34.633", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-13T01:59:52.833", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/91725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-09 16:29
Modified
2024-11-21 03:24
Severity ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
linux | linux_kernel | - | |
microsoft | windows | - | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "468D7461-525B-4955-86D3-634AD5F67D8B", "versionEndIncluding": "25.0.0.163", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "F993D3FB-20C2-45F9-B12A-C3B43626BE87", "versionEndIncluding": "25.0.0.148", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E1797469-2189-46B4-B989-65C723FB94DE", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "5911F9A3-8BF4-41EC-A676-0B82E2BB955D", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "388C1F56-BCBB-486E-8782-322283207C1F", "versionEndIncluding": "25.0.0.148", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution." }, { "lang": "es", "value": "Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de uso de la memoria previamente liberada explotable cuando se enmascaran objetos de visualizaci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda conllevar a la ejecuci\u00f3n de c\u00f3digo arbitraria." } ], "id": "CVE-2017-3071", "lastModified": "2024-11-21T03:24:46.373", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-09T16:29:00.293", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98347" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201705-12" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-01-28 22:59
Modified
2024-11-21 02:22
Severity ?
Summary
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
microsoft | internet_explorer | 10 | |
microsoft | internet_explorer | 11 | |
microsoft | windows_8 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | macos | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | macos | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "774569CC-7893-4712-9BAF-96F6C58F1F10", "versionEndIncluding": "11.2.202.438", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "2629DB40-84BE-4CD7-87FB-A9765AA9B52A", "versionEndIncluding": "16.0.0.287", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*", "matchCriteriaId": "D7809F78-8D56-4925-A8F9-4119B973A667", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "7629FE80-4A29-4D8E-BE83-2E41940BDBC8", "versionEndIncluding": "16.0.0.287", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:extended_support:*:*:*", "matchCriteriaId": "B52F9E76-EA91-4B27-98B4-A3A2D19A12A3", "versionEndIncluding": "13.0.0.262", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "990A74EA-AB1F-40F8-8D61-CCF74E96242F", "versionEndIncluding": "16.0.0.287", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de doble liberaci\u00f3n en Adobe Flash Player anterior a 13.0.0.264 y 14.x hasta 16.x anterior a 16.0.0.296 en Windows y OS X y anterior a 11.2.202.440 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2015-0312", "lastModified": "2024-11-21T02:22:47.727", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-01-28T22:59:01.937", "references": [ { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62432" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62543" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62660" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72343" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031634" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://technet.microsoft.com/library/security/2755801" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62432" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/62660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72343" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://technet.microsoft.com/library/security/2755801" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-415" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-16 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@adobe.com | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
psirt@adobe.com | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
psirt@adobe.com | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
psirt@adobe.com | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-1079.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90618 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-08 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_desktop_runtime | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "6FE9A1FF-A8FB-4705-AAA2-76022BC3177D", "versionEndIncluding": "21.0.0.241", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8B11675D-1F0B-4CF1-B9CB-9D9109ACBD0F", "versionEndIncluding": "21.0.0.241", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "6510599C-F0BE-49FD-94A1-7CC7F956FE9B", "versionEndIncluding": "18.0.0.343", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "590F571C-F892-4B40-988D-E0C496F62457", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F6486-94C1-44D8-828A-51C257CCC0EC", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E335D8A1-5BD1-4A6E-A5DB-FC88A2A91C38", "versionEndIncluding": "11.2.202.616", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "0BAD76E9-AB24-4E7E-B9B0-3B509A4C190C", "versionEndIncluding": "21.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3AC109-2F61-43DC-9490-07920FFC9E69", "versionEndIncluding": "21.0.0.226", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "08AF08C7-348E-4C2A-AA14-8E561A2233CA", "versionEndIncluding": "21.0.0.198", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163." }, { "lang": "es", "value": "Adobe Flash Player en versiones anteriores a 18.0.0.352 y 19.x hasta la versi\u00f3n 21.x en versiones anteriores a 21.0.0.242 en Windows y SO X y en versiones anteriores a 11.2.202.621 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161 y CVE-2016-4163." } ], "id": "CVE-2016-4162", "lastModified": "2024-11-21T02:51:31.347", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-16T14:59:44.890", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/90618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201606-08" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-10 20:59
Modified
2024-11-21 02:42
Severity ?
Summary
Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
adobe | flash_player_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - | |
microsoft | windows_10 | - | |
adobe | flash_player | * | |
adobe | air_desktop_runtime | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | air_sdk | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - | |
adobe | air_sdk_\&_compiler | * | |
apple | iphone_os | - | |
apple | mac_os_x | - | |
android | - | ||
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493", "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082", "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20", "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE", "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6", "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la implementaci\u00f3n de objeto URLRequest en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de una llamada URLLoader.load, una vulnerabilidad diferente a CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983 y CVE-2016-0984." } ], "id": "CVE-2016-0973", "lastModified": "2024-11-21T02:42:45.233", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-10T20:59:21.063", "references": [ { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-07" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-09-14 18:59
Modified
2024-11-21 02:57
Severity ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | flash_player | * | |
linux | linux_kernel | - | |
microsoft | windows_10 | - | |
microsoft | windows_8.1 | - | |
adobe | flash_player | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player_desktop_runtime | * | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
microsoft | windows | - | |
adobe | flash_player | * | |
apple | mac_os_x | - | |
chrome_os | - | ||
linux | linux_kernel | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CA6039-558F-4C74-95A6-5C651DD6884D", "versionEndIncluding": "11.2.202.632", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "15F5093D-7418-4D20-BFBA-081D69D7AE7F", "versionEndIncluding": "22.0.0.211", "vulnerable": true }, { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "CE5BB30B-7DE2-469E-AF95-D552C2BF15F8", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "186A94B2-FFE5-48FF-BADA-0A8083C6CD3D", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "matchCriteriaId": "7DB6BA20-BD01-4169-AFE3-07DEB17381C9", "versionEndIncluding": "18.0.0.366", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "156F0DBE-F62C-4596-BF96-9E1224B74494", "versionEndIncluding": "22.0.0.211", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.375 y 19.x hasta la versi\u00f3n 23.x en versiones anteriores a 23.0.0.162 en Windows y OS X y en versiones anteriores a 11.2.202.635 en Linux permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931 y CVE-2016-6932." } ], "id": "CVE-2016-6925", "lastModified": "2024-11-21T02:57:06.940", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-09-14T18:59:21.843", "references": [ { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "psirt@adobe.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "psirt@adobe.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201610-10" } ], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2017-2982
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96199 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.860Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2982", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2982", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.860Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1026
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.618Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1026", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1026", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.618Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0963
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84308 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.537Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-02-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0963", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0963", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.537Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4176
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://www.exploit-db.com/exploits/40105/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/91721 | vdb-entry, x_refsource_BID | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.295Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "40105", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40105/" }, { "name": "91721", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "40105", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40105/" }, { "name": "91721", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4176", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "40105", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40105/" }, { "name": "91721", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4176", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.295Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8657
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-15-660 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.676Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-660" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-660" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8658, and CVE-2015-8820." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-660", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-660" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8657", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.676Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0974
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/39463/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.072Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39463", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39463/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "39463", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39463/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0974", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39463", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39463/" }, { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0974", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.072Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0980
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.467Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0980", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0980", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.467Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-7096
Vulnerability from cvelistv5
Published
2019-05-23 16:55
Modified
2024-08-04 20:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201908-21 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Adobe Flash Player |
Version: 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:38:33.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156\u202fand earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-18T04:06:07", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7096", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156\u202fand earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-21" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7096", "datePublished": "2019-05-23T16:55:40", "dateReserved": "2019-01-28T00:00:00", "dateUpdated": "2024-08-04T20:38:33.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3069
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3069", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3069", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.755Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0981
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.524Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0981", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0981", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.524Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4189
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/91715 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.312Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "91715", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91715" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "91715", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91715" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4189", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "91715", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91715" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4189", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4142
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.253Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4142", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4142", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.253Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4273
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
https://www.exploit-db.com/exploits/40510/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.062Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "40510", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40510/" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "40510", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40510/" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4273", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "40510", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40510/" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4273", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.062Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6927
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.492Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6927", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6927", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1017
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85926 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.zerodayinitiative.com/advisories/ZDI-16-225/ | x_refsource_MISC | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.482Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1017", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-225/" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1017", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.482Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1011
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
References
▼ | URL | Tags |
---|---|---|
http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39779/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85926 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "39779", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39779/" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "39779", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39779/" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1011", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "39779", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39779/" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1011", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4188
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4188", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4188", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.315Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6982
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:47.472Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6982", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6982", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.472Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4125
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.081Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4125", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4125", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.081Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2987
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96194 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.802Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96194", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96194" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96194", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96194" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2987", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "96194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96194" }, { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2987", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.802Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0993
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84308 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-02-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0993", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0993", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6987
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93492 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.068Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6987", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6987", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.068Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-5122
Vulnerability from cvelistv5
Published
2015-07-14 10:00
Modified
2024-08-06 06:32
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:32:32.895Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1032890", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html" }, { "name": "TA15-195A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "SUSE-SU-2015:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf" }, { "name": "HPSBHF03509", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "VU#338736", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/338736" }, { "name": "37599", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/37599/" }, { "name": "75712", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/75712" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html" }, { "name": "openSUSE-SU-2015:1267", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://perception-point.io/new/breaking-cfi.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-07-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-23T04:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1032890", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html" }, { "name": "TA15-195A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "SUSE-SU-2015:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf" }, { "name": "HPSBHF03509", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "VU#338736", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/338736" }, { "name": "37599", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/37599/" }, { "name": "75712", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/75712" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html" }, { "name": "openSUSE-SU-2015:1267", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://perception-point.io/new/breaking-cfi.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-5122", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1032890", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "name": "HPSBMU03409", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467", "refsource": "CONFIRM", "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467" }, { "name": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html", "refsource": "MISC", "url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html" }, { "name": "TA15-195A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "SUSE-SU-2015:1258", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201508-01" }, { "name": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf", "refsource": "MISC", "url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf" }, { "name": "HPSBHF03509", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "VU#338736", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/338736" }, { "name": "37599", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/37599/" }, { "name": "75712", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75712" }, { "name": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html" }, { "name": "openSUSE-SU-2015:1267", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "name": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/", "refsource": "MISC", "url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" }, { "name": "https://perception-point.io/new/breaking-cfi.php", "refsource": "MISC", "url": "https://perception-point.io/new/breaking-cfi.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-5122", "datePublished": "2015-07-14T10:00:00", "dateReserved": "2015-06-26T00:00:00", "dateUpdated": "2024-08-06T06:32:32.895Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1001
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39609/ | exploit, x_refsource_EXPLOIT-DB | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39609", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39609/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39609", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39609/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39609", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39609/" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1001", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4148
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.285Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4148", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4148", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.285Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3073
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.434Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3073", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3073", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.434Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4238
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.731Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4238", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4238", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.731Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7875
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.zerodayinitiative.com/advisories/ZDI-16-621 | x_refsource_MISC | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/94866 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.310Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7875", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-621", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7875", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0991
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.560Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0991", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0991", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.560Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4244
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.257Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4244", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4244", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4151
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.232Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4151", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4151", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4226
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/40308/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40308", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40308/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40308", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40308/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4226", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40308", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40308/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4226", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4140
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.186Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4140", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4140", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.186Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2984
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/96193 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.771Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Heap Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2984", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Heap Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2984", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.771Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4180
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4180", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4180", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.311Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0964
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39467/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.286Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39467", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39467/" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39467", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39467/" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0964", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39467", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39467/" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0964", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.286Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5000
Vulnerability from cvelistv5
Published
2018-07-09 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:1827 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041058 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201806-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/104413 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.171 and earlier versions |
Version: Adobe Flash Player 29.0.0.171 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.184Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104413" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.171 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } ], "datePublic": "2018-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104413" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-5000", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.171 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer overflow" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1827", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041058" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104413" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-5000", "datePublished": "2018-07-09T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.184Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0967
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/39466/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.142Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39466", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39466/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "39466", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39466/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0967", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39466", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39466/" }, { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0967", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.142Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4137
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
https://www.exploit-db.com/exploits/40089/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.238Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "40089", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40089/" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "40089", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40089/" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4137", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "40089", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40089/" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4137", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.238Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0986
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0986", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0986", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.549Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2991
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96190 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2991", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "96190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2991", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1029
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1029", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1029", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.645Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4218
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.205Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4218", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4218", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.205Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0990
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0990", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0990", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7878
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-16-620 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.356Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620" }, { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK\u0027s MediaPlayer class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620" }, { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7878", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK\u0027s MediaPlayer class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-620", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-620" }, { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7878", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.356Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1030
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.637Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-30T18:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1030", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1030", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7879
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-16-619 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.463Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-619" }, { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-619" }, { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7879", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-619", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-619" }, { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7879", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.463Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6924
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.559Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6924", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6924", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2995
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/96191 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.770Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96191", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96191" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96191", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96191" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2995", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96191" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2995", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.770Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4223
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4224 and CVE-2016-4225.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-16-424 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/91718 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.206Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-424" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4224 and CVE-2016-4225." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-424" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4223", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4224 and CVE-2016-4225." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-424", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-424" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4223", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.206Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0997
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39613/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "39613", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39613/" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "39613", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39613/" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0997", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "39613", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39613/" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0997", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4217
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4217", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4280
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.859Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4280", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4280", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.859Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4128
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.144Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4128", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4128", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.144Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4230
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40311", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40311/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "40311", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40311/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4230", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40311", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40311/" }, { "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=844\u0026q=adobe%20flash" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/138532/Adobe-Flash-MovieClip-Transform-Use-After-Free.html" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4230", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4285
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4285", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4285", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1021
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.536Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1021", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1021", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.536Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4183
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4183", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4183", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4920
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/103383 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:0520 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | x_refsource_MISC | |
http://www.securitytracker.com/id/1040509 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 28.0.0.161 and earlier versions |
Version: Adobe Flash Player 28.0.0.161 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:26.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "103383", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103383" }, { "name": "RHSA-2018:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "1040509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040509" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 28.0.0.161 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 28.0.0.161 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-20T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "103383", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103383" }, { "name": "RHSA-2018:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "1040509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040509" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4920", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 28.0.0.161 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 28.0.0.161 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "103383", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103383" }, { "name": "RHSA-2018:0520", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "1040509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040509" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4920", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:26.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8820
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-15-661 | x_refsource_MISC | |
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:29:22.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8820", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-661", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8820", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2016-03-01T00:00:00", "dateUpdated": "2024-08-06T08:29:22.057Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4246
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.906Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4246", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4246", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4219
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.252Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4219", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4219", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.252Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4228
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/40309/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40309", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40309/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40309", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40309/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4228", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "40309", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40309/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4228", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3074
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:28.042Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3074", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3074", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:28.042Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4232
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
https://www.exploit-db.com/exploits/40355/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/91724 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.760Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40355", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40355/" }, { "name": "91724", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91724" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40355", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40355/" }, { "name": "91724", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91724" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4232", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40355", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40355/" }, { "name": "91724", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91724" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4232", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.760Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-15978
Vulnerability from cvelistv5
Published
2018-11-29 20:00
Modified
2024-08-05 10:10
Severity ?
EPSS score ?
Summary
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1042098 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/105909 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:3618 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb18-39.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T10:10:06.084Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1042098", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1042098" }, { "name": "105909", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105909" }, { "name": "RHSA-2018:3618", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-11-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-30T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1042098", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1042098" }, { "name": "105909", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105909" }, { "name": "RHSA-2018:3618", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-15978", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1042098", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1042098" }, { "name": "105909", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105909" }, { "name": "RHSA-2018:3618", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-39.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-15978", "datePublished": "2018-11-29T20:00:00", "dateReserved": "2018-08-28T00:00:00", "dateUpdated": "2024-08-05T10:10:06.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0961
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0961", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0961", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.311Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0960
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.372Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0960", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0960", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.372Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6930
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6930", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6930", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.593Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4186
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4186", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4186", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6926
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.544Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6926", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6926", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3068
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/42017/ | exploit, x_refsource_EXPLOIT-DB | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.440Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "42017", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/42017/" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "42017", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/42017/" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3068", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "42017", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/42017/" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3068", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.440Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4225
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4224.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-16-427 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/91718 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4224." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4225", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4224." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-427", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4225", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2985
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96199 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM | |
https://www.exploit-db.com/exploits/41422/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.805Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41422", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/41422/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41422", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/41422/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2985", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41422", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41422/" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2985", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.805Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1032
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.555Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1032", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1032", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7890
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94870 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.487Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94870", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94870" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy." } ], "problemTypes": [ { "descriptions": [ { "description": "Security Bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94870", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94870" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7890", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Security Bypass" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94870", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94870" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7890", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.487Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4247
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91720 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.128Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "91720", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91720" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "91720", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91720" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4247", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "91720", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91720" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4247", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.128Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4933
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.095Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4933", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4933", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.095Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2996
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96190 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.771Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2996", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "96190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2996", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.771Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0987
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0987", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0987", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.458Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4143
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.190Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4143", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4143", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.190Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-8075
Vulnerability from cvelistv5
Published
2019-09-27 15:21
Modified
2024-08-04 21:10
Severity ?
EPSS score ?
Summary
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-4824 | vendor-advisory, x_refsource_DEBIAN | |
https://helpx.adobe.com/security/products/flash-player/apsb19-30.html | x_refsource_CONFIRM | |
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html | x_refsource_MISC | |
https://crbug.com/945997 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Flash Player |
Version: 32.0.0.192 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T21:10:32.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2020-10ec8aca61", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/" }, { "name": "FEDORA-2020-3e005ce2e0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/" }, { "name": "DSA-4824", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://crbug.com/945997" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.192 and earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Same Origin Policy Bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-08T17:47:37", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "FEDORA-2020-10ec8aca61", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/" }, { "name": "FEDORA-2020-3e005ce2e0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/" }, { "name": "DSA-4824", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://crbug.com/945997" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-8075", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.192 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Same Origin Policy Bypass" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2020-10ec8aca61", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4/" }, { "name": "FEDORA-2020-3e005ce2e0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/" }, { "name": "DSA-4824", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4824" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-30.html" }, { "name": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html" }, { "name": "https://crbug.com/945997", "refsource": "MISC", "url": "https://crbug.com/945997" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-8075", "datePublished": "2019-09-27T15:21:01", "dateReserved": "2019-02-12T00:00:00", "dateUpdated": "2024-08-04T21:10:32.610Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1010
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84308 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.467Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-02-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1010", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84308", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84308" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1010", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.467Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8656
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-15-659 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8656", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-659", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8656", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4283
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4283", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4283", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.182Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4162
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/90618 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.207Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4162", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4162", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.207Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4161
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/90618 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.285Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4161", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4161", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.285Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4181
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.191Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4181", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4181", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.191Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1020
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1020", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1020", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0976
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.421Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0976", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0976", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.421Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-0569
Vulnerability from cvelistv5
Published
2014-10-15 10:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/70441 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/61980 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2014-1648.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1031019 | vdb-entry, x_refsource_SECTRACK | |
http://www.zerodayinitiative.com/advisories/ZDI-14-365/ | x_refsource_MISC | |
http://helpx.adobe.com/security/products/flash-player/apsb14-22.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:20:19.819Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2014:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "70441", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/70441" }, { "name": "61980", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031019" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-06T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2014:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "70441", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/70441" }, { "name": "61980", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031019" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2014-0569", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2014:1329", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "70441", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70441" }, { "name": "61980", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031019" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-365/" }, { "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2014-0569", "datePublished": "2014-10-15T10:00:00", "dateReserved": "2013-12-20T00:00:00", "dateUpdated": "2024-08-06T09:20:19.819Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4178
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/91723 | vdb-entry, x_refsource_BID | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.295Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91723", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91723" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91723", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91723" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4178", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91723", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91723" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4178", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.295Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6925
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.479Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6925", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6925", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.479Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5008
Vulnerability from cvelistv5
Published
2018-07-20 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1041248 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/104698 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:2175 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 30.0.0.113 and earlier versions |
Version: Adobe Flash Player 30.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.083Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 30.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 30.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-07-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-21T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-5008", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 30.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 30.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-5008", "datePublished": "2018-07-20T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.083Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0972
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.158Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0972", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0972", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.158Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6983
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:47.528Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6983", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6983", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.528Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4239
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.750Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4239", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4239", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.750Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0985
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://www.exploit-db.com/exploits/39461/ | exploit, x_refsource_EXPLOIT-DB | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.382Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "39461", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39461/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "39461", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39461/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0985", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "39461", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39461/" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0985", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.382Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8654
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-15-658 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.581Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8654", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-658", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8654", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.581Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-12824
Vulnerability from cvelistv5
Published
2018-08-29 13:00
Modified
2024-08-05 08:45
Severity ?
EPSS score ?
Summary
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105066 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:2435 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041448 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 30.0.0.134 and earlier |
Version: Adobe Flash Player 30.0.0.134 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:45:02.215Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105066", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105066" }, { "name": "RHSA-2018:2435", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2435" }, { "name": "1041448", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041448" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 30.0.0.134 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 30.0.0.134 and earlier" } ] } ], "datePublic": "2018-08-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-30T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "105066", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105066" }, { "name": "RHSA-2018:2435", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2435" }, { "name": "1041448", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041448" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-12824", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 30.0.0.134 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 30.0.0.134 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "105066", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105066" }, { "name": "RHSA-2018:2435", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2435" }, { "name": "1041448", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041448" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-12824", "datePublished": "2018-08-29T13:00:00", "dateReserved": "2018-06-25T00:00:00", "dateUpdated": "2024-08-05T08:45:02.215Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4150
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.235Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4150", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4150", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.235Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-0312
Vulnerability from cvelistv5
Published
2015-01-28 22:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/62660 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/72343 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/62432 | third-party-advisory, x_refsource_SECUNIA | |
http://secunia.com/advisories/62543 | third-party-advisory, x_refsource_SECUNIA | |
https://technet.microsoft.com/library/security/2755801 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1031634 | vdb-entry, x_refsource_SECTRACK | |
http://helpx.adobe.com/security/products/flash-player/apsb15-03.html | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/100394 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:03:10.956Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "62660", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62660" }, { "name": "72343", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72343" }, { "name": "62432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62432" }, { "name": "62543", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62543" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://technet.microsoft.com/library/security/2755801" }, { "name": "1031634", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031634" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html" }, { "name": "adobe-flash-cve20150312-code-exec(100394)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T15:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "62660", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62660" }, { "name": "72343", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72343" }, { "name": "62432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62432" }, { "name": "62543", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62543" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://technet.microsoft.com/library/security/2755801" }, { "name": "1031634", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031634" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html" }, { "name": "adobe-flash-cve20150312-code-exec(100394)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-0312", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "62660", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62660" }, { "name": "72343", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72343" }, { "name": "62432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62432" }, { "name": "62543", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62543" }, { "name": "https://technet.microsoft.com/library/security/2755801", "refsource": "CONFIRM", "url": "https://technet.microsoft.com/library/security/2755801" }, { "name": "1031634", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031634" }, { "name": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-03.html" }, { "name": "adobe-flash-cve20150312-code-exec(100394)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100394" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-0312", "datePublished": "2015-01-28T22:00:00", "dateReserved": "2014-12-01T00:00:00", "dateUpdated": "2024-08-06T04:03:10.956Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4229
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/40310/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.723Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "40310", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40310/" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "40310", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40310/" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4229", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/138531/Adobe-Flash-BitmapData.copyPixels-Use-After-Free.html" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "40310", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40310/" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4229", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.723Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4146
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.196Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4146", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4146", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.196Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4919
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:0520 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | x_refsource_MISC | |
http://www.securityfocus.com/bid/103385 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1040509 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 28.0.0.161 and earlier versions |
Version: Adobe Flash Player 28.0.0.161 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:26.929Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "103385", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103385" }, { "name": "1040509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040509" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 28.0.0.161 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 28.0.0.161 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-20T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "RHSA-2018:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "103385", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103385" }, { "name": "1040509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040509" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4919", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 28.0.0.161 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 28.0.0.161 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:0520", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0520" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" }, { "name": "103385", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103385" }, { "name": "1040509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040509" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4919", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:26.929Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4276
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4276", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4276", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.152Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4282
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4282", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4282", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1022
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1022", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1022", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4121
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/90797 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "90797", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90797" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "90797", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90797" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4121", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "90797", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90797" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4121", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.182Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4221
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.193Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4221", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4221", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.193Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4132
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.177Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4132", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4132", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.177Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4248
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.098Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4248", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4248", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.098Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1002
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
https://www.exploit-db.com/exploits/39608/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39608", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39608/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39608", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39608/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39608", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39608/" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1002", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3003
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96861 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.780Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3003", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "96861", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96861" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3003", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.780Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4130
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.232Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4130", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4130", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4147
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.185Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4147", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4147", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.185Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6931
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.568Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6931", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6931", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4127
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4127", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4127", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4136
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://www.exploit-db.com/exploits/40088/ | exploit, x_refsource_EXPLOIT-DB | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "40088", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40088/" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "40088", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40088/" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4136", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "40088", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40088/" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4136", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4242
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.844Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4242", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4242", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.844Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4133
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4133", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4133", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.156Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4233
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.259Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4233", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4233", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.259Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3099
Vulnerability from cvelistv5
Published
2017-07-14 05:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/99520 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038845 | vdb-entry, x_refsource_SECTRACK | |
https://access.redhat.com/errata/RHSA-2017:1731 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201707-15 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 26.0.0.131 and earlier. |
Version: Adobe Flash Player 26.0.0.131 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.815Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99520", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99520" }, { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 26.0.0.131 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 26.0.0.131 and earlier." } ] } ], "datePublic": "2017-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "99520", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99520" }, { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3099", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 26.0.0.131 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 26.0.0.131 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "99520", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99520" }, { "name": "1038845", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201707-15" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3099", "datePublished": "2017-07-14T05:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.815Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4185
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4185", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4185", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3000
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96862 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.807Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96862", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96862" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Use of Insufficiently Random Values", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96862", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96862" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3000", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use of Insufficiently Random Values" } ] } ] }, "references": { "reference_data": [ { "name": "96862", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96862" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3000", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4124
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.128Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4124", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4124", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.128Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1012
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.570Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1012", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1012", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.570Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7868
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/94871 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.zerodayinitiative.com/advisories/ZDI-16-625 | x_refsource_MISC | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.299Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow / Underflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7868", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow / Underflow" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-625", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7868", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.299Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4182
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4182", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4182", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.355Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7892
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94877 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.494Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94877", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94877" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94877", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94877" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7892", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "94877", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94877" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7892", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.494Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2988
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96190 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM | |
https://www.exploit-db.com/exploits/41421/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.784Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41421", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/41421/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41421", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/41421/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2988", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "96190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" }, { "name": "41421", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41421/" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2988", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.784Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8653
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-15-657 | x_refsource_MISC | |
http://www.securityfocus.com/bid/84162 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.596Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-657" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84162" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-657" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84162" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8653", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-657", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-657" }, { "name": "84162", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84162" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8653", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.596Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7881
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7881", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7881", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7873
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/94866 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.276Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7873", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7873", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.276Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0969
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.300Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0969", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0969", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.300Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4163
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/90618 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.306Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4163", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4163", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.306Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4231
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/40356/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.695Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40356", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40356/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "40356", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40356/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4231", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40356", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40356/" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4231", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.695Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4224
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4225.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/91718 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.zerodayinitiative.com/advisories/ZDI-16-428 | x_refsource_MISC | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-428" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4225." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-428" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4224", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4225." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "91718", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91718" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-428", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-428" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4224", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3100
Vulnerability from cvelistv5
Published
2017-07-14 05:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1038845 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/99523 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1731 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201707-15 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 26.0.0.131 and earlier. |
Version: Adobe Flash Player 26.0.0.131 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.912Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "99523", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99523" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 26.0.0.131 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 26.0.0.131 and earlier." } ] } ], "datePublic": "2017-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "99523", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99523" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3100", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 26.0.0.131 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 26.0.0.131 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "1038845", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038845" }, { "name": "99523", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99523" }, { "name": "RHSA-2017:1731", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201707-15" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3100", "datePublished": "2017-07-14T05:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.912Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4166
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.312Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4166", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4166", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4134
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.162Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4134", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4134", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.162Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0994
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-16-194/ | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0994", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0994", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.458Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1013
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85926 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
https://www.exploit-db.com/exploits/39778/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.653Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "39778", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39778/" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "39778", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39778/" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1013", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "39778", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39778/" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1013", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.653Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1016
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85926 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
http://www.zerodayinitiative.com/advisories/ZDI-16-226/ | x_refsource_MISC | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.526Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1016", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-226/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1016", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.526Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7869
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
http://www.zerodayinitiative.com/advisories/ZDI-16-624 | x_refsource_MISC | |
http://www.securityfocus.com/bid/94871 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow / Underflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7869", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow / Underflow" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-624", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-624" }, { "name": "94871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7869", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3072
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3072", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3072", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.452Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0999
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/39611/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39611", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39611/" }, { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "39611", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39611/" }, { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0999", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39611", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39611/" }, { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0999", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4187
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.379Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4187", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4187", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.379Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4271
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
http://lab.truel.it/flash-sandbox-bypass/ | x_refsource_MISC | |
https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/ | x_refsource_MISC | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.913Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lab.truel.it/flash-sandbox-bypass/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a \"local-with-filesystem Flash sandbox bypass\" issue." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lab.truel.it/flash-sandbox-bypass/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4271", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a \"local-with-filesystem Flash sandbox bypass\" issue." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "http://lab.truel.it/flash-sandbox-bypass/", "refsource": "MISC", "url": "http://lab.truel.it/flash-sandbox-bypass/" }, { "name": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/", "refsource": "MISC", "url": "https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4271", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.913Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-8070
Vulnerability from cvelistv5
Published
2019-09-12 18:07
Modified
2024-08-04 21:10
Severity ?
EPSS score ?
Summary
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201911-05 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Flash Player |
Version: 32.0.0.238 and earlier versions Version: 32.0.0.207 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T21:10:32.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.238 and earlier versions" }, { "status": "affected", "version": "32.0.0.207 and earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-25T01:07:33", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-8070", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.238 and earlier versions" }, { "version_value": "32.0.0.207 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201911-05" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-8070", "datePublished": "2019-09-12T18:07:35", "dateReserved": "2019-02-12T00:00:00", "dateUpdated": "2024-08-04T21:10:32.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7880
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.318Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7880", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7880", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.318Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1018
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-16-228/ | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.570Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1018", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" }, { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1018", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.570Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4177
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/40104/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/91721 | vdb-entry, x_refsource_BID | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.382Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40104", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40104/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91721", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "40104", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40104/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91721", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4177", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40104", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40104/" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "91721", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91721" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4177", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.382Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4235
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.664Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4235", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4235", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.664Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4249
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/91722 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "91722", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91722" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "91722", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91722" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4249", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "91722", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91722" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4249", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-11305
Vulnerability from cvelistv5
Published
2017-12-13 21:00
Modified
2024-08-05 18:05
Severity ?
EPSS score ?
Summary
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1039986 | vdb-entry, x_refsource_SECTRACK | |
https://access.redhat.com/errata/RHSA-2018:0081 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/102139 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 27.0.0.187 and earlier versions |
Version: Adobe Flash Player 27.0.0.187 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:05:30.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html" }, { "name": "1039986", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039986" }, { "name": "RHSA-2018:0081", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0081" }, { "name": "102139", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102139" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 27.0.0.187 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 27.0.0.187 and earlier versions" } ] } ], "datePublic": "2017-12-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data." } ], "problemTypes": [ { "descriptions": [ { "description": "Business Logic Error", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-11T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html" }, { "name": "1039986", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039986" }, { "name": "RHSA-2018:0081", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0081" }, { "name": "102139", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102139" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-11305", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 27.0.0.187 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 27.0.0.187 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Business Logic Error" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-42.html" }, { "name": "1039986", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039986" }, { "name": "RHSA-2018:0081", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0081" }, { "name": "102139", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102139" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-11305", "datePublished": "2017-12-13T21:00:00", "dateReserved": "2017-07-13T00:00:00", "dateUpdated": "2024-08-05T18:05:30.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4284
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.084Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4284", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4284", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4281
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.165Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4281", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4281", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.165Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-8069
Vulnerability from cvelistv5
Published
2019-09-12 18:04
Modified
2024-08-04 21:10
Severity ?
EPSS score ?
Summary
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-46.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201911-05 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Flash Player |
Version: 32.0.0.238 and earlier versions Version: 32.0.0.207 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T21:10:32.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.238 and earlier versions" }, { "status": "affected", "version": "32.0.0.207 and earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Same Origin Method Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-25T01:07:32", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201911-05" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-8069", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.238 and earlier versions" }, { "version_value": "32.0.0.207 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Same Origin Method Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-46.html" }, { "name": "GLSA-201911-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201911-05" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-8069", "datePublished": "2019-09-12T18:04:16", "dateReserved": "2019-02-12T00:00:00", "dateUpdated": "2024-08-04T21:10:32.611Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1024
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1024", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1024", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.542Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6922
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.589Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6922", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6922", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.589Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4234
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.720Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4234", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4234", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.720Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4160
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/90618 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.205Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4160", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4160", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.205Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6984
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.000Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6984", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6984", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.000Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4278
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.940Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4278", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4278", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.940Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-9633
Vulnerability from cvelistv5
Published
2020-06-12 13:17
Modified
2024-08-04 10:34
Severity ?
EPSS score ?
Summary
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb20-30.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202006-09 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Adobe Flash Player |
Version: 32.0.0.371 and earlier, 32.0.0.371 and earlier, and 32.0.0.330 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:34:39.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html" }, { "name": "GLSA-202006-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202006-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.371 and earlier, 32.0.0.371 and earlier, and 32.0.0.330 and earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free ", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-06T13:37:40", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html" }, { "name": "GLSA-202006-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202006-09" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2020-9633", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.371 and earlier, 32.0.0.371 and earlier, and 32.0.0.330 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free " } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb20-30.html" }, { "name": "GLSA-202006-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202006-09" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2020-9633", "datePublished": "2020-06-12T13:17:20", "dateReserved": "2020-03-02T00:00:00", "dateUpdated": "2024-08-04T10:34:39.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4184
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.319Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4184", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.319Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0979
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0979", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0979", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4145
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.157Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4145", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4145", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.157Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1019
Vulnerability from cvelistv5
Published
2016-04-07 10:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html" }, { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "openSUSE-SU-2016:0997", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html" }, { "name": "SUSE-SU-2016:0990", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html" }, { "name": "1035491", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035491" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blogs.adobe.com/psirt/?p=1330" }, { "name": "openSUSE-SU-2016:0987", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "openSUSE-SU-2016:1157", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85856", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85856" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html" }, { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "openSUSE-SU-2016:0997", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html" }, { "name": "SUSE-SU-2016:0990", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html" }, { "name": "1035491", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035491" }, { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blogs.adobe.com/psirt/?p=1330" }, { "name": "openSUSE-SU-2016:0987", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "openSUSE-SU-2016:1157", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85856", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85856" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1019", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html", "refsource": "MISC", "url": "https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html" }, { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "openSUSE-SU-2016:0997", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-01.html" }, { "name": "SUSE-SU-2016:0990", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html" }, { "name": "1035491", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035491" }, { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "http://blogs.adobe.com/psirt/?p=1330", "refsource": "CONFIRM", "url": "http://blogs.adobe.com/psirt/?p=1330" }, { "name": "openSUSE-SU-2016:0987", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "openSUSE-SU-2016:1157", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85856", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85856" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1019", "datePublished": "2016-04-07T10:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4243
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4243", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4243", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4272
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4272", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4272", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3106
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:33
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/42480/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1039088 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/100190 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201709-16 | vendor-advisory, x_refsource_GENTOO | |
https://access.redhat.com/errata/RHSA-2017:2457 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-23.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe Systems Incorporated | Flash Player |
Version: 26.0.0.137 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.873Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "42480", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/42480/" }, { "name": "1039088", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039088" }, { "name": "100190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100190" }, { "name": "GLSA-201709-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe Systems Incorporated", "versions": [ { "status": "affected", "version": "26.0.0.137 and earlier." } ] } ], "datePublic": "2017-08-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "42480", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/42480/" }, { "name": "1039088", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039088" }, { "name": "100190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100190" }, { "name": "GLSA-201709-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "DATE_PUBLIC": "2017-08-08T00:00:00", "ID": "CVE-2017-3106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "26.0.0.137 and earlier." } ] } } ] }, "vendor_name": "Adobe Systems Incorporated" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "42480", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/42480/" }, { "name": "1039088", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039088" }, { "name": "100190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100190" }, { "name": "GLSA-201709-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3106", "datePublished": "2017-08-11T19:00:00Z", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-09-16T16:33:04.918Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4220
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.265Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4220", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4220", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.265Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0992
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.331Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0992", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0992", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.331Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-7108
Vulnerability from cvelistv5
Published
2019-05-23 16:49
Modified
2024-08-04 20:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-19.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201908-21 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Adobe Flash Player |
Version: 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:38:33.234Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156\u202fand earlier versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read\u202f", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-18T04:06:06", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-21" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7108", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156\u202fand earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read\u202f" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-19.html" }, { "name": "GLSA-201908-21", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-21" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7108", "datePublished": "2019-05-23T16:49:20", "dateReserved": "2019-01-28T00:00:00", "dateUpdated": "2024-08-04T20:38:33.234Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2998
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96866 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:18.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2998", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2998", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:18.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4155
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4155", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4155", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5001
Vulnerability from cvelistv5
Published
2018-07-09 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:1827 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041058 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201806-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/104413 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.171 and earlier versions |
Version: Adobe Flash Player 29.0.0.171 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.084Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104413" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.171 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } ], "datePublic": "2018-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104413" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-5001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.171 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1827", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041058" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104413" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-5001", "datePublished": "2018-07-09T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7874
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/94866 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.512Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7874", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7874", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.512Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4274
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4274", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4274", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.088Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4277
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4277", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4277", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.375Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4152
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.343Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4152", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4152", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.343Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1027
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1027", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1027", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.530Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8658
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-15-662 | x_refsource_MISC | |
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.664Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8658", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-662", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8658", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.664Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4287
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.123Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4287", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4287", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4179
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/40102/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.307Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40102", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40102/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "40102", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40102/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4179", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40102", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40102/" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4179", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4190
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.290Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4190", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4190", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.290Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0989
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.483Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0989", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0989", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4935
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/44527/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:26.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "44527", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44527/" }, { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds write", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "44527", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44527/" }, { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4935", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds write" } ] } ] }, "references": { "reference_data": [ { "name": "44527", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44527/" }, { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4935", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:26.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0962
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0962", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0962", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.130Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0996
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-16-193/ | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.364Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0996", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0996", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.364Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7867
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/94871 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.zerodayinitiative.com/advisories/ZDI-16-622 | x_refsource_MISC | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.317Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow / Underflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7867", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow / Underflow" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-622", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7867", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.317Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7876
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/94866 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.276Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7876", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7876", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.276Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2997
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/96860 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.795Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "name": "96860", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96860" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow / Underflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "name": "96860", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96860" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2997", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow / Underflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "name": "96860", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96860" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2997", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4937
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/44529/ | exploit, x_refsource_EXPLOIT-DB | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:26.958Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "44529", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44529/" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds write", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "44529", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44529/" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4937", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds write" } ] } ] }, "references": { "reference_data": [ { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "44529", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44529/" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4937", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:26.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-7837
Vulnerability from cvelistv5
Published
2019-05-22 18:08
Modified
2024-08-04 21:02
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-26.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/108312 | vdb-entry, x_refsource_BID | |
https://www.zerodayinitiative.com/advisories/ZDI-19-498/ | x_refsource_MISC | |
https://access.redhat.com/errata/RHSA-2019:1234 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Adobe Flash Player |
Version: 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T21:02:18.967Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" }, { "name": "108312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/108312" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" }, { "name": "RHSA-2019:1234", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1234" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 \u202fand earlier versions" } ] } ], "datePublic": "2019-05-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-22T18:11:03", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" }, { "name": "108312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/108312" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" }, { "name": "RHSA-2019:1234", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1234" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7837", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player", "version": { "version_data": [ { "version_value": "32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 \u202fand earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" }, { "name": "108312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108312" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" }, { "name": "RHSA-2019:1234", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1234" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7837", "datePublished": "2019-05-22T18:08:08", "dateReserved": "2019-02-12T00:00:00", "dateUpdated": "2024-08-04T21:02:18.967Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4222
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.zerodayinitiative.com/advisories/ZDI-16-425 | x_refsource_MISC | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.291Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4222", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-425", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4222", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-15981
Vulnerability from cvelistv5
Published
2018-11-29 20:00
Modified
2024-08-05 10:10
Severity ?
EPSS score ?
Summary
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105964 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:3644 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb18-44.html | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1042151 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Flash Player |
Version: 31.0.0.148 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T10:10:05.650Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105964", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105964" }, { "name": "RHSA-2018:3644", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3644" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html" }, { "name": "1042151", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1042151" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "31.0.0.148 and earlier versions" } ] } ], "datePublic": "2018-11-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-30T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "105964", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105964" }, { "name": "RHSA-2018:3644", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3644" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html" }, { "name": "1042151", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1042151" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-15981", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "31.0.0.148 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "105964", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105964" }, { "name": "RHSA-2018:3644", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3644" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-44.html" }, { "name": "1042151", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1042151" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-15981", "datePublished": "2018-11-29T20:00:00", "dateReserved": "2018-08-28T00:00:00", "dateUpdated": "2024-08-05T10:10:05.650Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-7090
Vulnerability from cvelistv5
Published
2019-05-24 18:41
Modified
2024-08-04 20:38
Severity ?
EPSS score ?
Summary
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb19-06.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Adobe | Flash Player Desktop Runtime |
Version: 32.0.0.114 and earlier |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:38:33.014Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player Desktop Runtime", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.114 and earlier" } ] }, { "product": "Flash Player for Google Chrome", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.114 and earlier" } ] }, { "product": "Flash Player for Microsoft Edge and Internet Explorer 11", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "32.0.0.114\u202fand earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-24T18:41:31", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7090", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player Desktop Runtime", "version": { "version_data": [ { "version_value": "32.0.0.114 and earlier" } ] } }, { "product_name": "Flash Player for Google Chrome", "version": { "version_data": [ { "version_value": "32.0.0.114 and earlier" } ] } }, { "product_name": "Flash Player for Microsoft Edge and Internet Explorer 11", "version": { "version_data": [ { "version_value": "32.0.0.114\u202fand earlier" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7090", "datePublished": "2019-05-24T18:41:31", "dateReserved": "2019-01-28T00:00:00", "dateUpdated": "2024-08-04T20:38:33.014Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0965
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39460/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.465Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "39460", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39460/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "39460", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39460/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0965", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "39460", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39460/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0965", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.465Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1023
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1023", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1023", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4932
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.056Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-After-Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4932", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use-After-Free" } ] } ] }, "references": { "reference_data": [ { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4932", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.056Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0970
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.263Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0970", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0970", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0983
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.234Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0983", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0983", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.234Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4131
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4131", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4131", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6921
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6921", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6921", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.549Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1006
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.544Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1006", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1006", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4236
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.095Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4236", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4236", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.095Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6923
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6923", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6923", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4120
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201606-08 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/90618 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1079.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.268Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201606-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/90618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4120", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201606-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-08" }, { "name": "90618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90618" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" }, { "name": "RHSA-2016:1079", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4120", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-11292
Vulnerability from cvelistv5
Published
2017-10-21 05:00
Modified
2024-08-05 18:05
Severity ?
EPSS score ?
Summary
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1039582 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201710-22 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/101286 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:2899 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player version 27.0.0.159 and earlier |
Version: Adobe Flash Player version 27.0.0.159 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:05:30.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1039582", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039582" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html" }, { "name": "GLSA-201710-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201710-22" }, { "name": "101286", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101286" }, { "name": "RHSA-2017:2899", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2899" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player version 27.0.0.159 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player version 27.0.0.159 and earlier" } ] } ], "datePublic": "2017-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "arbitrary code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-07T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1039582", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039582" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html" }, { "name": "GLSA-201710-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201710-22" }, { "name": "101286", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101286" }, { "name": "RHSA-2017:2899", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2899" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-11292", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player version 27.0.0.159 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player version 27.0.0.159 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "arbitrary code execution" } ] } ] }, "references": { "reference_data": [ { "name": "1039582", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039582" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-32.html" }, { "name": "GLSA-201710-22", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-22" }, { "name": "101286", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101286" }, { "name": "RHSA-2017:2899", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2899" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-11292", "datePublished": "2017-10-21T05:00:00", "dateReserved": "2017-07-13T00:00:00", "dateUpdated": "2024-08-05T18:05:30.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8823
Vulnerability from cvelistv5
Published
2016-04-22 18:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-15-665 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:29:22.016Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-04-22T17:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8823", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-665", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8823", "datePublished": "2016-04-22T18:00:00", "dateReserved": "2016-03-01T00:00:00", "dateUpdated": "2024-08-06T08:29:22.016Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4175
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/40103/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40103", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40103/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "40103", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40103/" }, { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4175", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40103", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40103/" }, { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4175", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3070
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98349 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3070", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98349" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3070", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4149
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.273Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4149", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4149", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.273Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4245
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.744Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4245", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4245", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3071
Vulnerability from cvelistv5
Published
2017-05-09 16:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201705-12 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98347 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2017:1219 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1038427 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 25.0.0.148 and earlier. |
Version: Adobe Flash Player 25.0.0.148 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98347", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98347" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 25.0.0.148 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 25.0.0.148 and earlier." } ] } ], "datePublic": "2017-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201705-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201705-12" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98347", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98347" }, { "name": "RHSA-2017:1219", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3071", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 25.0.0.148 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 25.0.0.148 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201705-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-12" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-15.html" }, { "name": "98347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98347" }, { "name": "RHSA-2017:1219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1219" }, { "name": "1038427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038427" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3071", "datePublished": "2017-05-09T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2993
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96199 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.768Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2993", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96199" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2993", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.768Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4144
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.328Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4144", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4144", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4237
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4237", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4237", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6981
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93492 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.037Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6981", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93492", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93492" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6981", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4286
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/93497 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.078Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "93497", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93497" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "93497", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93497" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4286", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "93497", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93497" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4286", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.078Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1033
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1033", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1033", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.615Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2990
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96190 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.819Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2990", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "96190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96190" }, { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2990", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.819Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0975
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE | |
http://zerodayinitiative.com/advisories/ZDI-16-160/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.054Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-160/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-160/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0975", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "name": "http://zerodayinitiative.com/advisories/ZDI-16-160/", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-16-160/" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0975", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0973
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
http://zerodayinitiative.com/advisories/ZDI-16-161/ | x_refsource_MISC | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.213Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "tags": [ "x_refsource_MISC" ], "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0973", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "http://zerodayinitiative.com/advisories/ZDI-16-161/", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0973", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.213Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4240
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4240", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4240", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.088Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4139
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.177Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4139", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4139", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.177Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0966
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.285Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0966", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0966", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.285Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7020
Vulnerability from cvelistv5
Published
2016-10-05 21:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/94192 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.653Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "94192", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94192" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "94192", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94192" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7020", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "94192", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94192" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7020", "datePublished": "2016-10-05T21:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.653Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4227
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
https://www.exploit-db.com/exploits/40307/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40307", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40307/" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40307", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40307/" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4227", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "40307", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40307/" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4227", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.755Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4275
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92930 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/40421/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.703Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "40421", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40421/" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92930" }, { "name": "40421", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40421/" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4275", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92930" }, { "name": "40421", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40421/" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4275", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0988
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0988", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0988", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0984
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/39462/ | exploit, x_refsource_EXPLOIT-DB | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.435Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39462", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39462/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "39462", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39462/" }, { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0984", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39462", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39462/" }, { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0984", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.435Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4156
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.327Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4156", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4156", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.327Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3085
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:23
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1039088 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201709-16 | vendor-advisory, x_refsource_GENTOO | |
https://access.redhat.com/errata/RHSA-2017:2457 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-23.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-17-634/ | x_refsource_MISC | |
https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/ | x_refsource_MISC | |
http://www.securityfocus.com/bid/100191 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe Systems Incorporated | Flash Player |
Version: 26.0.0.137 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.863Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1039088", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039088" }, { "name": "GLSA-201709-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" }, { "name": "100191", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100191" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe Systems Incorporated", "versions": [ { "status": "affected", "version": "26.0.0.137 and earlier." } ] } ], "datePublic": "2017-08-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect." } ], "problemTypes": [ { "descriptions": [ { "description": "Security Bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1039088", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039088" }, { "name": "GLSA-201709-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" }, { "name": "100191", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100191" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "DATE_PUBLIC": "2017-08-08T00:00:00", "ID": "CVE-2017-3085", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "26.0.0.137 and earlier." } ] } } ] }, "vendor_name": "Adobe Systems Incorporated" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Security Bypass" } ] } ] }, "references": { "reference_data": [ { "name": "1039088", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039088" }, { "name": "GLSA-201709-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-16" }, { "name": "RHSA-2017:2457", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2457" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" }, { "name": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/", "refsource": "MISC", "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" }, { "name": "100191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100191" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3085", "datePublished": "2017-08-11T19:00:00Z", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-09-16T18:23:18.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-5123
Vulnerability from cvelistv5
Published
2015-07-14 10:00
Modified
2024-08-06 06:32
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:32:32.897Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1032890", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "TA15-195A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "VU#918568", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/918568" }, { "name": "SUSE-SU-2015:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "name": "HPSBHF03509", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "75710", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/75710" }, { "name": "openSUSE-SU-2015:1267", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-07-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-23T18:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1032890", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "TA15-195A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "VU#918568", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/918568" }, { "name": "SUSE-SU-2015:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201508-01" }, { "name": "HPSBHF03509", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "75710", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/75710" }, { "name": "openSUSE-SU-2015:1267", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-5123", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1032890", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032890" }, { "name": "SUSE-SU-2015:1255", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html" }, { "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/", "refsource": "MISC", "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/" }, { "name": "HPSBMU03409", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "TA15-195A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA15-195A" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html" }, { "name": "VU#918568", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/918568" }, { "name": "SUSE-SU-2015:1258", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html" }, { "name": "GLSA-201508-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201508-01" }, { "name": "HPSBHF03509", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "RHSA-2015:1235", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html" }, { "name": "SSRT102253", "refsource": "HP", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784" }, { "name": "75710", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75710" }, { "name": "openSUSE-SU-2015:1267", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-5123", "datePublished": "2015-07-14T10:00:00", "dateReserved": "2015-06-26T00:00:00", "dateUpdated": "2024-08-06T06:32:32.897Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4153
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4153", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4153", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.279Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7877
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7877", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7877", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1025
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1025", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1025", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8821
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8822.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-15-663 | x_refsource_MISC | |
http://www.securityfocus.com/bid/84162 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:29:21.999Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-663" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84162" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8822." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-663" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84162" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8821", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8822." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-663", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-663" }, { "name": "84162", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84162" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8821", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2016-03-01T00:00:00", "dateUpdated": "2024-08-06T08:29:21.999Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-0564
Vulnerability from cvelistv5
Published
2014-10-15 10:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/61980 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2014-1648.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1031019 | vdb-entry, x_refsource_SECTRACK | |
http://helpx.adobe.com/security/products/flash-player/apsb14-22.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:20:19.761Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2014:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "61980", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-30T16:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2014:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "61980", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2014-0564", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK \u0026 Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2014:1329", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html" }, { "name": "61980", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61980" }, { "name": "SUSE-SU-2014:1360", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html" }, { "name": "RHSA-2014:1648", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-1648.html" }, { "name": "1031019", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031019" }, { "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-22.html" }, { "name": "openSUSE-SU-2015:0725", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2014-0564", "datePublished": "2014-10-15T10:00:00", "dateReserved": "2013-12-20T00:00:00", "dateUpdated": "2024-08-06T09:20:19.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8652
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84160 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-15-656 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-656" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84160" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-656" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8652", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84160" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-656", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-656" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8652", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.610Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4174
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.306Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4174", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4174", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.306Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2999
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96866 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.800Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2999", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "96866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96866" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2999", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.800Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5002
Vulnerability from cvelistv5
Published
2018-07-09 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:1827 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041058 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201806-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/104412 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.171 and earlier versions |
Version: Adobe Flash Player 29.0.0.171 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.164Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104412", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104412" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.171 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } ], "datePublic": "2018-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Stack-based buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104412", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104412" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-5002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.171 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Stack-based buffer overflow" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1827", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041058" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104412", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104412" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-5002", "datePublished": "2018-07-09T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.164Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4934
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://www.exploit-db.com/exploits/44528/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.083Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "44528", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44528/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "44528", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44528/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4934", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out-of-bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "44528", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44528/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4934", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.083Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6986
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6986", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6986", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0982
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0982", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0982", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4135
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/40087/ | exploit, x_refsource_EXPLOIT-DB | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.228Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40087", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40087/" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40087", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40087/" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4135", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40087", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40087/" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4135", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0971
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39465/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39465", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39465/" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39465", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39465/" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0971", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "39465", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39465/" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0971", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.468Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4945
Vulnerability from cvelistv5
Published
2018-07-09 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:1827 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041058 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201806-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/104413 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.171 and earlier versions |
Version: Adobe Flash Player 29.0.0.171 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104413" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.171 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } ], "datePublic": "2018-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "RHSA-2018:1827", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041058" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104413" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4945", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.171 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.171 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1827", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1827" }, { "name": "1041058", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041058" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-19.html" }, { "name": "GLSA-201806-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201806-02" }, { "name": "104413", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104413" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4945", "datePublished": "2018-07-09T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0978
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0978", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0978", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.375Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6989
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.051Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6989", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6989", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.051Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4141
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.292Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4141", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4141", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.292Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3001
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96861 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.820Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "96861", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96861" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3001", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.820Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8655
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821, and CVE-2015-8822.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84162 | vdb-entry, x_refsource_BID | |
http://www.zerodayinitiative.com/advisories/ZDI-15-655 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.561Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84162" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-655" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821, and CVE-2015-8822." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84162", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84162" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-655" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8655", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8821, and CVE-2015-8822." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "name": "84162", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84162" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-655", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-655" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8655", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2024-08-06T08:20:43.561Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2994
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/96199 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96199" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2994", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "96199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96199" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2994", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6990
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:47.502Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6990", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6990", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.502Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4122
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.084Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4122", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4122", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4154
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.195Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4154", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4154", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6985
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93490 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6985", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "93490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93490" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6985", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4129
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.227Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4129", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4129", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.227Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4172
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4172", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4172", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3002
Vulnerability from cvelistv5
Published
2017-03-14 16:00
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96861 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201703-02 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037994 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2017-0526.html | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.221 and earlier. |
Version: Adobe Flash Player 24.0.0.221 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.825Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.221 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.221 and earlier." } ] } ], "datePublic": "2017-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "96861", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96861" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.221 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.221 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "96861", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96861" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html" }, { "name": "GLSA-201703-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201703-02" }, { "name": "1037994", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037994" }, { "name": "RHSA-2017:0526", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3002", "datePublished": "2017-03-14T16:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.825Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1005
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/84311 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-16-192/ | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-03T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1005", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "84311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84311" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-192/" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1005", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8822
Vulnerability from cvelistv5
Published
2016-03-04 23:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8821.
References
▼ | URL | Tags |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-15-664 | x_refsource_MISC | |
https://helpx.adobe.com/security/products/flash-player/apsb15-32.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:29:22.082Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-664" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8821." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-03-04T22:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-664" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-8822", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK \u0026 Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, and CVE-2015-8821." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-664", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-664" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-8822", "datePublished": "2016-03-04T23:00:00", "dateReserved": "2016-03-01T00:00:00", "dateUpdated": "2024-08-06T08:29:22.082Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4173
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91719 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 | vendor-advisory, x_refsource_MS | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.304Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91719" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4173", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91719" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "MS16-093", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4173", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.304Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0995
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.525Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0995", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0995", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.525Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-15967
Vulnerability from cvelistv5
Published
2018-09-25 13:00
Modified
2024-08-05 10:10
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105315 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:2707 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041620 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb18-31.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Adobe | Flash Player |
Version: 30.0.0.154 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T10:10:05.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105315", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105315" }, { "name": "RHSA-2018:2707", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2707" }, { "name": "1041620", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041620" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Flash Player", "vendor": "Adobe", "versions": [ { "status": "affected", "version": "30.0.0.154 and earlier versions" } ] } ], "datePublic": "2018-09-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Privilege Escalation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-09-26T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "105315", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105315" }, { "name": "RHSA-2018:2707", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2707" }, { "name": "1041620", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041620" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-15967", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Flash Player", "version": { "version_data": [ { "version_value": "30.0.0.154 and earlier versions" } ] } } ] }, "vendor_name": "Adobe" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Privilege Escalation" } ] } ] }, "references": { "reference_data": [ { "name": "105315", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105315" }, { "name": "RHSA-2018:2707", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2707" }, { "name": "1041620", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041620" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-31.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-15967", "datePublished": "2018-09-25T13:00:00", "dateReserved": "2018-08-28T00:00:00", "dateUpdated": "2024-08-05T10:10:05.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1031
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85926 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-02-01T10:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1031", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "85926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85926" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1031", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1014
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://seclists.org/fulldisclosure/2016/Jun/39 | mailing-list, x_refsource_FULLDISC | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/archive/1/538699/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2016/Jun/39" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2016/Jun/39" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1014", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2016/Jun/39" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1014", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1028
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/85932 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1028", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "85932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85932" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1028", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2986
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/96193 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://www.exploit-db.com/exploits/41423/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.783Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41423", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/41423/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Heap Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41423", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/41423/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2986", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Heap Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41423", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41423/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2986", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.783Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4241
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201607-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/91725 | vdb-entry, x_refsource_BID | |
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2016:1423 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036280 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.989Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036280" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1826", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91725" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036280" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4241", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1826", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "name": "GLSA-201607-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-03" }, { "name": "openSUSE-SU-2016:1802", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "name": "91725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91725" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "name": "RHSA-2016:1423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1423" }, { "name": "1036280", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036280" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4241", "datePublished": "2016-07-13T01:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.989Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4279
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:13.972Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4279", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4279", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:13.972Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7871
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/94866 | vdb-entry, x_refsource_BID | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-16-627 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.371Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7871", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Corruption" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "94866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94866" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-627", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-627" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7871", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.371Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1015
Vulnerability from cvelistv5
Published
2016-04-09 01:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-2016-1019.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://www.zerodayinitiative.com/advisories/ZDI-16-227/ | x_refsource_MISC | |
http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1035509 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | vendor-advisory, x_refsource_MS | |
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/85930 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85930", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified \"type confusion,\" a different vulnerability than CVE-2016-1019." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:1305", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/" }, { "name": "RHSA-2016:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85930", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85930" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1015", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified \"type confusion,\" a different vulnerability than CVE-2016-1019." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1305", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" }, { "name": "openSUSE-SU-2016:1306", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-227/" }, { "name": "RHSA-2016:0610", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" }, { "name": "1035509", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035509" }, { "name": "MS16-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" }, { "name": "85930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85930" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1015", "datePublished": "2016-04-09T01:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0968
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.228Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0968", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0968", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4936
Vulnerability from cvelistv5
Published
2018-05-19 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/44526/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/103708 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:1119 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1040648 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201804-11 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 29.0.0.113 and earlier versions |
Version: Adobe Flash Player 29.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.025Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "44526", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44526/" }, { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 29.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Heap Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-21T09:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "44526", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44526/" }, { "name": "103708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201804-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-4936", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 29.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 29.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Heap Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "44526", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44526/" }, { "name": "103708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103708" }, { "name": "RHSA-2018:1119", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1119" }, { "name": "1040648", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040648" }, { "name": "GLSA-201804-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201804-11" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-08.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-4936", "datePublished": "2018-05-19T17:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.025Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6929
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.568Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6929", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6932
Vulnerability from cvelistv5
Published
2016-09-14 18:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-1865.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/92927 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1036791 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:38.622Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-09-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036791" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6932", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" }, { "name": "RHSA-2016:1865", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" }, { "name": "92927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92927" }, { "name": "1036791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036791" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6932", "datePublished": "2016-09-14T18:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:43:38.622Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0998
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/39631/ | exploit, x_refsource_EXPLOIT-DB | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
https://www.exploit-db.com/exploits/39612/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39631", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39631/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39612", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39612/" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39631", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39631/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39612", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39612/" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0998", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "39631", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39631/" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "39612", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39612/" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0998", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5007
Vulnerability from cvelistv5
Published
2018-07-20 19:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
▼ | URL | Tags |
---|---|---|
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1041248 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/104698 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:2175 | vendor-advisory, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 30.0.0.113 and earlier versions |
Version: Adobe Flash Player 30.0.0.113 and earlier versions |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:27.132Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 30.0.0.113 and earlier versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 30.0.0.113 and earlier versions" } ] } ], "datePublic": "2018-07-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-21T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2018-5007", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 30.0.0.113 and earlier versions", "version": { "version_data": [ { "version_value": "Adobe Flash Player 30.0.0.113 and earlier versions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb18-24.html" }, { "name": "1041248", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041248" }, { "name": "104698", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104698" }, { "name": "RHSA-2018:2175", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2175" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2018-5007", "datePublished": "2018-07-20T19:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:18:27.132Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-0977
Vulnerability from cvelistv5
Published
2016-02-10 20:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1034970 | vdb-entry, x_refsource_SECTRACK | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2016-0166.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-02T20:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:0400", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-0977", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:0400", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "name": "1034970", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034970" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "RHSA-2016:0166", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" }, { "name": "openSUSE-SU-2016:0415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "name": "openSUSE-SU-2016:0412", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "name": "SUSE-SU-2016:0398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-0977", "datePublished": "2016-02-10T20:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4123
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.122Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4123", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4123", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.122Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7870
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/94871 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.zerodayinitiative.com/advisories/ZDI-16-623 | x_refsource_MISC | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.307Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow / Underflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7870", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow / Underflow" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "94871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94871" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-623", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-623" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7870", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3080
Vulnerability from cvelistv5
Published
2017-07-14 05:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/99519 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038845 | vdb-entry, x_refsource_SECTRACK | |
https://access.redhat.com/errata/RHSA-2017:1731 | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201707-15 | vendor-advisory, x_refsource_GENTOO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 26.0.0.131 and earlier. |
Version: Adobe Flash Player 26.0.0.131 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:27.866Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99519", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99519" }, { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 26.0.0.131 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 26.0.0.131 and earlier." } ] } ], "datePublic": "2017-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure." } ], "problemTypes": [ { "descriptions": [ { "description": "Security Bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "99519", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99519" }, { "name": "1038845", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "tags": [ "x_refsource_MISC" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201707-15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-3080", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 26.0.0.131 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 26.0.0.131 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Security Bypass" } ] } ] }, "references": { "reference_data": [ { "name": "99519", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99519" }, { "name": "1038845", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038845" }, { "name": "RHSA-2017:1731", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1731" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html", "refsource": "MISC", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-21.html" }, { "name": "GLSA-201707-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201707-15" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-3080", "datePublished": "2017-07-14T05:00:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:16:27.866Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-7872
Vulnerability from cvelistv5
Published
2016-12-15 06:31
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 | vendor-advisory, x_refsource_MS | |
https://security.gentoo.org/glsa/201701-17 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/94873 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037442 | vdb-entry, x_refsource_SECTRACK | |
http://rhn.redhat.com/errata/RHSA-2016-2947.html | vendor-advisory, x_refsource_REDHAT | |
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html | x_refsource_CONFIRM | |
http://www.zerodayinitiative.com/advisories/ZDI-16-626 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html | vendor-advisory, x_refsource_SUSE |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
Version: Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:13:20.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } ], "datePublic": "2016-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "SUSE-SU-2016:3148", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626" }, { "name": "openSUSE-SU-2016:3160", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-7872", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "version": { "version_data": [ { "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:3148", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" }, { "name": "MS16-154", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" }, { "name": "GLSA-201701-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-17" }, { "name": "94873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94873" }, { "name": "1037442", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037442" }, { "name": "RHSA-2016:2947", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-626", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-626" }, { "name": "openSUSE-SU-2016:3160", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-7872", "datePublished": "2016-12-15T06:31:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:20.355Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6992
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/93488 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201610-10 | vendor-advisory, x_refsource_GENTOO | |
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2016-2057.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1036985 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:50:46.648Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "93488", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93488" }, { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036985" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "93488", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93488" }, { "name": "GLSA-201610-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036985" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-6992", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "93488", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93488" }, { "name": "GLSA-201610-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-10" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" }, { "name": "RHSA-2016:2057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" }, { "name": "1036985", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036985" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-6992", "datePublished": "2016-10-13T19:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:46.648Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4138
Vulnerability from cvelistv5
Published
2016-06-16 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036117 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 | vendor-advisory, x_refsource_MS | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://www.exploit-db.com/exploits/40090/ | exploit, x_refsource_EXPLOIT-DB | |
https://access.redhat.com/errata/RHSA-2016:1238 | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:17:31.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40090", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40090/" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "1036117", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40090", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40090/" }, { "name": "RHSA-2016:1238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-4138", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1036117", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036117" }, { "name": "MS16-083", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "name": "openSUSE-SU-2016:1625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "name": "40090", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40090/" }, { "name": "RHSA-2016:1238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1238" }, { "name": "openSUSE-SU-2016:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "name": "SUSE-SU-2016:1613", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-4138", "datePublished": "2016-06-16T14:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:17:31.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2992
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 14:09
Severity ?
EPSS score ?
Summary
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201702-20 | vendor-advisory, x_refsource_GENTOO | |
http://rhn.redhat.com/errata/RHSA-2017-0275.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/96193 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037815 | vdb-entry, x_refsource_SECTRACK | |
https://www.exploit-db.com/exploits/41420/ | exploit, x_refsource_EXPLOIT-DB | |
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Adobe Flash Player 24.0.0.194 and earlier. |
Version: Adobe Flash Player 24.0.0.194 and earlier. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:09:17.761Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41420", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/41420/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Adobe Flash Player 24.0.0.194 and earlier.", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Adobe Flash Player 24.0.0.194 and earlier." } ] } ], "datePublic": "2017-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Heap Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "GLSA-201702-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41420", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/41420/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2017-2992", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", "version": { "version_data": [ { "version_value": "Adobe Flash Player 24.0.0.194 and earlier." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Heap Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201702-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-20" }, { "name": "RHSA-2017:0275", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" }, { "name": "96193", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96193" }, { "name": "1037815", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037815" }, { "name": "41420", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41420/" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2017-2992", "datePublished": "2017-02-15T06:11:00", "dateReserved": "2016-12-02T00:00:00", "dateUpdated": "2024-08-05T14:09:17.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-1000
Vulnerability from cvelistv5
Published
2016-03-12 15:00
Modified
2024-08-05 22:38
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1035251 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://rhn.redhat.com/errata/RHSA-2016-1583.html | vendor-advisory, x_refsource_REDHAT | |
http://rhn.redhat.com/errata/RHSA-2016-1582.html | vendor-advisory, x_refsource_REDHAT | |
https://www.exploit-db.com/exploits/39610/ | exploit, x_refsource_EXPLOIT-DB | |
https://security.gentoo.org/glsa/201603-07 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html | vendor-advisory, x_refsource_SUSE | |
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/84312 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:38:41.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "RHSA-2016:1583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1583.html" }, { "name": "RHSA-2016:1582", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1582.html" }, { "name": "39610", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39610/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T09:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2016:0734", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "RHSA-2016:1583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1583.html" }, { "name": "RHSA-2016:1582", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1582.html" }, { "name": "39610", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39610/" }, { "name": "GLSA-201603-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2016-1000", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0734", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" }, { "name": "1035251", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035251" }, { "name": "openSUSE-SU-2016:0719", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" }, { "name": "RHSA-2016:1583", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1583.html" }, { "name": "RHSA-2016:1582", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1582.html" }, { "name": "39610", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39610/" }, { "name": "GLSA-201603-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-07" }, { "name": "SUSE-SU-2016:0715", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" }, { "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" }, { "name": "84312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84312" }, { "name": "SUSE-SU-2016:0716", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2016-1000", "datePublished": "2016-03-12T15:00:00", "dateReserved": "2015-12-22T00:00:00", "dateUpdated": "2024-08-05T22:38:41.498Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }