CVE-2016-4117

Published May 11, 2016

Last updated 4 months ago

Exploit known

Overview

Description: Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
Source: psirt@adobe.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Known exploits

Data from CISA

Vulnerability name: Adobe Flash Player Arbitrary Code Execution Vulnerability
Exploit added on: Mar 3, 2022
Exploit action due: Mar 24, 2022
Required action: The impacted product is end-of-life and should be disconnected if still in use.

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1C74EF5-8D72-403B-AA35-F5D4FCA3BFE0",
            "versionEndIncluding": "21.0.0.226"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Known exploits

Weaknesses

Configurations

References