Vulnerability-Lookup

CVE-2016-4178 (GCVE-0-2016-4178)

Vulnerability from cvelistv5 – Published: 2016-07-13 01:00 – Updated: 2024-08-06 00:17

Summary

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

Severity

No CVSS data available.

CWE

Assigner

adobe

References

7 references

URL	Tags
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://helpx.adobe.com/security/products/flash-p…	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2016:1423	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/91723	vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
http://www.securitytracker.com/id/1036280	vdb-entryx_refsource_SECTRACK

Date Public

2016-07-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:17:31.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:1826",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
          },
          {
            "name": "openSUSE-SU-2016:1802",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
          },
          {
            "name": "RHSA-2016:1423",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1423"
          },
          {
            "name": "91723",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91723"
          },
          {
            "name": "MS16-093",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
          },
          {
            "name": "1036280",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036280"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:1826",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
        },
        {
          "name": "openSUSE-SU-2016:1802",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
        },
        {
          "name": "RHSA-2016:1423",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1423"
        },
        {
          "name": "91723",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91723"
        },
        {
          "name": "MS16-093",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
        },
        {
          "name": "1036280",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036280"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2016-4178",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:1826",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
            },
            {
              "name": "openSUSE-SU-2016:1802",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
            },
            {
              "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
              "refsource": "CONFIRM",
              "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
            },
            {
              "name": "RHSA-2016:1423",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1423"
            },
            {
              "name": "91723",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91723"
            },
            {
              "name": "MS16-093",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
            },
            {
              "name": "1036280",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036280"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2016-4178",
    "datePublished": "2016-07-13T01:00:00.000Z",
    "dateReserved": "2016-04-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T00:17:31.295Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2016-4178",
      "date": "2026-05-27",
      "epss": "0.00514",
      "percentile": "0.66791"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"22.0.0.192\", \"matchCriteriaId\": \"2882AD1A-923D-436F-9695-5132A63A6E9E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*\", \"versionEndIncluding\": \"18.0.0.360\", \"matchCriteriaId\": \"5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*\", \"versionEndIncluding\": \"22.0.0.192\", \"matchCriteriaId\": \"1B17EE56-CEA0-4752-A11C-C7935EE1B21A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*\", \"versionEndIncluding\": \"22.0.0.192\", \"matchCriteriaId\": \"BC528B44-152E-462E-AEDD-361CEDADF230\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*\", \"versionEndIncluding\": \"22.0.0.192\", \"matchCriteriaId\": \"E586D377-2A01-4058-8639-3AF4B9B12800\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21540673-614A-4D40-8BD7-3F07723803B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.2.202.626\", \"matchCriteriaId\": \"201C6239-BC3D-4DA6-B599-579D94347909\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\\u00f3n sensible a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2016-4178",
      "lastModified": "2024-11-21T02:51:33.867",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-07-13T01:59:47.817",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/91723\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036280\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1423\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-25.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/91723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036280\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1423\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-25.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4178\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2016-07-13T01:59:47.817\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"22.0.0.192\",\"matchCriteriaId\":\"2882AD1A-923D-436F-9695-5132A63A6E9E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*\",\"versionEndIncluding\":\"18.0.0.360\",\"matchCriteriaId\":\"5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*\",\"versionEndIncluding\":\"22.0.0.192\",\"matchCriteriaId\":\"1B17EE56-CEA0-4752-A11C-C7935EE1B21A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*\",\"versionEndIncluding\":\"22.0.0.192\",\"matchCriteriaId\":\"BC528B44-152E-462E-AEDD-361CEDADF230\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*\",\"versionEndIncluding\":\"22.0.0.192\",\"matchCriteriaId\":\"E586D377-2A01-4058-8639-3AF4B9B12800\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21540673-614A-4D40-8BD7-3F07723803B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.2.202.626\",\"matchCriteriaId\":\"201C6239-BC3D-4DA6-B599-579D94347909\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/91723\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036280\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1423\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://helpx.adobe.com/security/products/flash-player/apsb16-25.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/91723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036280\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://helpx.adobe.com/security/products/flash-player/apsb16-25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2016-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Internet Explorer. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Internet Explorer 9
Microsoft	N/A	Internet Explorer 10
Microsoft	N/A	Internet Explorer 11

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS16-093 du 12 juillet 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-084 du 12 juillet 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Internet Explorer 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Internet Explorer 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Internet Explorer 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3245"
    },
    {
      "name": "CVE-2016-3243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3243"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-3261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3261"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3277"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3259"
    },
    {
      "name": "CVE-2016-3248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3248"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3260"
    },
    {
      "name": "CVE-2016-3204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3204"
    },
    {
      "name": "CVE-2016-3273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3273"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-3274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3274"
    },
    {
      "name": "CVE-2016-3241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3241"
    },
    {
      "name": "CVE-2016-3276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3276"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    },
    {
      "name": "CVE-2016-3242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3242"
    },
    {
      "name": "CVE-2016-3240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3240"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-228",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Internet Explorer\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-093 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-093"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-084 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-084"
    }
  ]
}

CERTFR-2016-AVI-229

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Edge. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Microsoft Edge sur Windows 10

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS16-093 du 12 juillet 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-085 du 12 juillet 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMicrosoft Edge sur Windows 10\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-3265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3265"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-3244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3244"
    },
    {
      "name": "CVE-2016-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3277"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3259"
    },
    {
      "name": "CVE-2016-3248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3248"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3260"
    },
    {
      "name": "CVE-2016-3273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3273"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3246"
    },
    {
      "name": "CVE-2016-3274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3274"
    },
    {
      "name": "CVE-2016-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3269"
    },
    {
      "name": "CVE-2016-3271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3271"
    },
    {
      "name": "CVE-2016-3276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3276"
    },
    {
      "name": "CVE-2016-3264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3264"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-229",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Edge\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun contournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-093 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-093"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-085 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-085"
    }
  ]
}

CERTFR-2016-AVI-234

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Adobe Flash Player. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	N/A	Adobe Flash Player ESR versions antérieures à 18.0.0.366 sur Windows et Macintosh
Adobe	N/A	Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions antérieures à 22.0.0.209 sur Windows 10 et 8.1
Adobe	N/A	Adobe Flash Player pour Google Chrome versions antérieures à 22.0.0.209 sur Windows, Macintosh, Linux et ChromeOS
Adobe	N/A	Adobe Flash Player Desktop Runtime versions antérieures à 22.0.0.209 sur Windows et Macintosh
Adobe	N/A	Adobe Flash Player pour Linux versions antérieures à 11.2.202.632 sur Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-25 du 12 juillet 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Flash Player ESR versions ant\u00e9rieures \u00e0 18.0.0.366 sur Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows 10 et 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Google Chrome versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows, Macintosh, Linux et ChromeOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player Desktop Runtime versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Linux versions ant\u00e9rieures \u00e0 11.2.202.632 sur Linux",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4233"
    },
    {
      "name": "CVE-2016-4236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4236"
    },
    {
      "name": "CVE-2016-4234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4234"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-4241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4241"
    },
    {
      "name": "CVE-2016-4186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4186"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4240"
    },
    {
      "name": "CVE-2016-4220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4220"
    },
    {
      "name": "CVE-2016-4189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4189"
    },
    {
      "name": "CVE-2016-4217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4217"
    },
    {
      "name": "CVE-2016-4184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4184"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4172"
    },
    {
      "name": "CVE-2016-4237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4237"
    },
    {
      "name": "CVE-2016-4219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4219"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-4218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4218"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4244"
    },
    {
      "name": "CVE-2016-4245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4245"
    },
    {
      "name": "CVE-2016-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4243"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4180"
    },
    {
      "name": "CVE-2016-4181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4181"
    },
    {
      "name": "CVE-2016-4190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4190"
    },
    {
      "name": "CVE-2016-4239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4239"
    },
    {
      "name": "CVE-2016-4183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4183"
    },
    {
      "name": "CVE-2016-4221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4221"
    },
    {
      "name": "CVE-2016-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4235"
    },
    {
      "name": "CVE-2016-4238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4238"
    },
    {
      "name": "CVE-2016-4246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4246"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4187"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    },
    {
      "name": "CVE-2016-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4242"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-234",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Flash Player\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-25 du 12 juillet 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
    }
  ]
}

CERTFR-2016-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Internet Explorer 9
Microsoft	N/A	Internet Explorer 10
Microsoft	N/A	Internet Explorer 11

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS16-093 du 12 juillet 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-084 du 12 juillet 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Internet Explorer 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Internet Explorer 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Internet Explorer 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3245"
    },
    {
      "name": "CVE-2016-3243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3243"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-3261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3261"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3277"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3259"
    },
    {
      "name": "CVE-2016-3248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3248"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3260"
    },
    {
      "name": "CVE-2016-3204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3204"
    },
    {
      "name": "CVE-2016-3273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3273"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-3274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3274"
    },
    {
      "name": "CVE-2016-3241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3241"
    },
    {
      "name": "CVE-2016-3276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3276"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    },
    {
      "name": "CVE-2016-3242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3242"
    },
    {
      "name": "CVE-2016-3240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3240"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-228",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Internet Explorer\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-093 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-093"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-084 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-084"
    }
  ]
}

CERTFR-2016-AVI-229

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Microsoft Edge sur Windows 10

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS16-093 du 12 juillet 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-085 du 12 juillet 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMicrosoft Edge sur Windows 10\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-3265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3265"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-3244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3244"
    },
    {
      "name": "CVE-2016-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3277"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3259"
    },
    {
      "name": "CVE-2016-3248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3248"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3260"
    },
    {
      "name": "CVE-2016-3273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3273"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3246"
    },
    {
      "name": "CVE-2016-3274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3274"
    },
    {
      "name": "CVE-2016-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3269"
    },
    {
      "name": "CVE-2016-3271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3271"
    },
    {
      "name": "CVE-2016-3276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3276"
    },
    {
      "name": "CVE-2016-3264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3264"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-229",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Edge\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun contournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-093 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-093"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-085 du 12 juillet 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-085"
    }
  ]
}

CERTFR-2016-AVI-234

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	N/A	Adobe Flash Player ESR versions antérieures à 18.0.0.366 sur Windows et Macintosh
Adobe	N/A	Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions antérieures à 22.0.0.209 sur Windows 10 et 8.1
Adobe	N/A	Adobe Flash Player pour Google Chrome versions antérieures à 22.0.0.209 sur Windows, Macintosh, Linux et ChromeOS
Adobe	N/A	Adobe Flash Player Desktop Runtime versions antérieures à 22.0.0.209 sur Windows et Macintosh
Adobe	N/A	Adobe Flash Player pour Linux versions antérieures à 11.2.202.632 sur Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-25 du 12 juillet 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Flash Player ESR versions ant\u00e9rieures \u00e0 18.0.0.366 sur Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows 10 et 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Google Chrome versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows, Macintosh, Linux et ChromeOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player Desktop Runtime versions ant\u00e9rieures \u00e0 22.0.0.209 sur Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Linux versions ant\u00e9rieures \u00e0 11.2.202.632 sur Linux",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4174"
    },
    {
      "name": "CVE-2016-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4182"
    },
    {
      "name": "CVE-2016-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4233"
    },
    {
      "name": "CVE-2016-4236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4236"
    },
    {
      "name": "CVE-2016-4234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4234"
    },
    {
      "name": "CVE-2016-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4232"
    },
    {
      "name": "CVE-2016-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4188"
    },
    {
      "name": "CVE-2016-4241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4241"
    },
    {
      "name": "CVE-2016-4186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4186"
    },
    {
      "name": "CVE-2016-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4225"
    },
    {
      "name": "CVE-2016-4178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4178"
    },
    {
      "name": "CVE-2016-4240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4240"
    },
    {
      "name": "CVE-2016-4220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4220"
    },
    {
      "name": "CVE-2016-4189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4189"
    },
    {
      "name": "CVE-2016-4217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4217"
    },
    {
      "name": "CVE-2016-4184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4184"
    },
    {
      "name": "CVE-2016-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4222"
    },
    {
      "name": "CVE-2016-4172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4172"
    },
    {
      "name": "CVE-2016-4237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4237"
    },
    {
      "name": "CVE-2016-4219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4219"
    },
    {
      "name": "CVE-2016-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4230"
    },
    {
      "name": "CVE-2016-4176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4176"
    },
    {
      "name": "CVE-2016-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4249"
    },
    {
      "name": "CVE-2016-4179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4179"
    },
    {
      "name": "CVE-2016-4218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4218"
    },
    {
      "name": "CVE-2016-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4228"
    },
    {
      "name": "CVE-2016-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4248"
    },
    {
      "name": "CVE-2016-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4226"
    },
    {
      "name": "CVE-2016-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4227"
    },
    {
      "name": "CVE-2016-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4223"
    },
    {
      "name": "CVE-2016-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4231"
    },
    {
      "name": "CVE-2016-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4247"
    },
    {
      "name": "CVE-2016-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4244"
    },
    {
      "name": "CVE-2016-4245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4245"
    },
    {
      "name": "CVE-2016-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4243"
    },
    {
      "name": "CVE-2016-4185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4185"
    },
    {
      "name": "CVE-2016-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4180"
    },
    {
      "name": "CVE-2016-4181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4181"
    },
    {
      "name": "CVE-2016-4190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4190"
    },
    {
      "name": "CVE-2016-4239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4239"
    },
    {
      "name": "CVE-2016-4183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4183"
    },
    {
      "name": "CVE-2016-4221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4221"
    },
    {
      "name": "CVE-2016-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4235"
    },
    {
      "name": "CVE-2016-4238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4238"
    },
    {
      "name": "CVE-2016-4246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4246"
    },
    {
      "name": "CVE-2016-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4229"
    },
    {
      "name": "CVE-2016-4187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4187"
    },
    {
      "name": "CVE-2016-4175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4175"
    },
    {
      "name": "CVE-2016-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4224"
    },
    {
      "name": "CVE-2016-4177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4177"
    },
    {
      "name": "CVE-2016-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4173"
    },
    {
      "name": "CVE-2016-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4242"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-234",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Flash Player\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-25 du 12 juillet 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
    }
  ]
}

BDU:2016-01815

Vulnerability from fstec - Published: 13.07.2016

Title

Уязвимость программной платформы Flash Player, позволяющая нарушителю получить конфиденциальную информацию или обойти существующие ограничения доступа

Description

Уязвимость программной платформы Flash Player связана с отсутствием защиты служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти существующие ограничения доступа или получить конфиденциальную информацию

Severity

Vendor

Adobe Systems Inc.

Software Name

Flash Player, Flash Player for Linux

Software Version

до 18.0.0.366 (Flash Player), от 19.0 до 22.0.0.209 (Flash Player), до 11.2.202.632 (Flash Player for Linux)

Possible Mitigations

Использование рекомендаций производителя: https://helpx.adobe.com/security/products/flash-player/apsb16-25.html

Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-25.html

CWE

CWE-200

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Adobe Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 18.0.0.366 (Flash Player), \u043e\u0442 19.0 \u0434\u043e 22.0.0.209 (Flash Player), \u0434\u043e 11.2.202.632 (Flash Player for Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.07.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.08.2016",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-01815",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-4178",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Flash Player, Flash Player for Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Apple Inc. MacOS X 32-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . PowerPC, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, Apple Inc. MacOS X 64-bit, Apple Inc. MacOS X PowerPC, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . ARM, Microsoft Corp Windows - ARM, Apple Inc. MacOS X ARM",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Flash Player, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438\u043b\u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Flash Player \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)"
}

CNVD-2016-04759

Vulnerability from cnvd - Published: 2016-07-14

Title

Adobe Flash Player信息泄露漏洞（CNVD-2016-04759）

Description

Adobe Flash Player是美国奥多比（Adobe）公司的一款跨平台、基于浏览器的多媒体播放器产品。该产品支持跨屏幕和浏览器查看应用程序、内容和视频。 Adobe Flash Player中存在安全漏洞。攻击者可利用该漏洞绕过既定的访问限制，获取敏感信息。

Severity

中

Patch Name

Adobe Flash Player信息泄露漏洞（CNVD-2016-04759）的补丁

Patch Description

Adobe Flash Player是美国奥多比（Adobe）公司的一款跨平台、基于浏览器的多媒体播放器产品。该产品支持跨屏幕和浏览器查看应用程序、内容和视频。 Adobe Flash Player中存在安全漏洞。攻击者可利用该漏洞绕过既定的访问限制，获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://helpx.adobe.com/security/products/flash-player/apsb16-25.html

Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-25.html

Impacted products

Name
['Adobe Flash Player <18.0.0.366', 'Adobe Flash Player(on Linux) <11.2.202.632', 'Adobe Flash Player(on Windows/OS X) >=19.*，<=22.0.0.209']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91723"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4178"
    }
  },
  "description": "Adobe Flash Player\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u8de8\u5e73\u53f0\u3001\u57fa\u4e8e\u6d4f\u89c8\u5668\u7684\u591a\u5a92\u4f53\u64ad\u653e\u5668\u4ea7\u54c1\u3002\u8be5\u4ea7\u54c1\u652f\u6301\u8de8\u5c4f\u5e55\u548c\u6d4f\u89c8\u5668\u67e5\u770b\u5e94\u7528\u7a0b\u5e8f\u3001\u5185\u5bb9\u548c\u89c6\u9891\u3002\r\n\r\nAdobe Flash Player\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Soroush Dalili from NCC Group",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04759",
  "openTime": "2016-07-14",
  "patchDescription": "Adobe Flash Player\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u8de8\u5e73\u53f0\u3001\u57fa\u4e8e\u6d4f\u89c8\u5668\u7684\u591a\u5a92\u4f53\u64ad\u653e\u5668\u4ea7\u54c1\u3002\u8be5\u4ea7\u54c1\u652f\u6301\u8de8\u5c4f\u5e55\u548c\u6d4f\u89c8\u5668\u67e5\u770b\u5e94\u7528\u7a0b\u5e8f\u3001\u5185\u5bb9\u548c\u89c6\u9891\u3002\r\n\r\nAdobe Flash Player\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe Flash Player\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-04759\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Adobe Flash Player \u003c18.0.0.366",
      "Adobe Flash Player(on Linux) \u003c11.2.202.632",
      "Adobe Flash Player(on Windows/OS X) \u003e=19.*\uff0c\u003c=22.0.0.209"
    ]
  },
  "referenceLink": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-13",
  "title": "Adobe Flash Player\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-04759\uff09"
}

FKIE_CVE-2016-4178

Vulnerability from fkie_nvd - Published: 2016-07-13 01:59 - Updated: 2026-05-06 22:30

Severity

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Summary

References

URL	Tags
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html	Broken Link
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html	Broken Link
psirt@adobe.com	http://www.securityfocus.com/bid/91723	Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com	http://www.securitytracker.com/id/1036280	Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com	https://access.redhat.com/errata/RHSA-2016:1423	Third Party Advisory
psirt@adobe.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093	Patch, Vendor Advisory
psirt@adobe.com	https://helpx.adobe.com/security/products/flash-player/apsb16-25.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91723	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036280	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2016:1423	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://helpx.adobe.com/security/products/flash-player/apsb16-25.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
adobe	flash_player_desktop_runtime	*
apple	mac_os_x	-
microsoft	windows	-
adobe	flash_player	*
apple	mac_os_x	-
microsoft	windows	-
adobe	flash_player	*
apple	mac_os_x	-
google	chrome_os	-
linux	linux_kernel	-
microsoft	windows	-
adobe	flash_player	*
adobe	flash_player	*
microsoft	windows_10	-
microsoft	windows_8.1	-
adobe	flash_player	*
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2882AD1A-923D-436F-9695-5132A63A6E9E",
              "versionEndIncluding": "22.0.0.192",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "5E1CBE9D-0D76-4373-9C8E-1D96F7FBDFA5",
              "versionEndIncluding": "18.0.0.360",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
              "matchCriteriaId": "1B17EE56-CEA0-4752-A11C-C7935EE1B21A",
              "versionEndIncluding": "22.0.0.192",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
              "matchCriteriaId": "BC528B44-152E-462E-AEDD-361CEDADF230",
              "versionEndIncluding": "22.0.0.192",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
              "matchCriteriaId": "E586D377-2A01-4058-8639-3AF4B9B12800",
              "versionEndIncluding": "22.0.0.192",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201C6239-BC3D-4DA6-B599-579D94347909",
              "versionEndIncluding": "11.2.202.626",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versi\u00f3n 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes eludir restricciones destinadas al acceso y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-4178",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-13T01:59:47.817",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91723"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036280"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2016:1423"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2016:1423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-32FR-79CM-96P3

Vulnerability from github – Published: 2022-05-14 02:22 – Updated: 2022-05-14 02:22

Details

Severity

5.3 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4178"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-13T01:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.",
  "id": "GHSA-32fr-79cm-96p3",
  "modified": "2022-05-14T02:22:51Z",
  "published": "2022-05-14T02:22:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4178"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1423"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91723"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036280"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4178 (GCVE-0-2016-4178)

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature