CVE-2016-1109

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
microsoftedge
-
adobeflash_player
𝑥
≤ 21.0.0.213
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
precise
not-affected
trusty
dne
wily
not-affected
xenial
not-affected
flashplugin-nonfree
precise
not-affected
trusty
dne
wily
not-affected
xenial
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
flash-plugin
RHEL 6
0:11.2.202.621-1.el6_8
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://rhn.redhat.com/errata/RHSA-2016-1079.html
http://www.securitytracker.com/id/1035827
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://rhn.redhat.com/errata/RHSA-2016-1079.html
http://www.securitytracker.com/id/1035827
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html