CVE-2016-4117

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
adobeflash_player
𝑥
≤ 21.0.0.226
redhatenterprise_linux_desktop
5.0
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
5.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server_from_rhui
5.0
redhatenterprise_linux_server_from_rhui
6.0
redhatenterprise_linux_workstation
5.0
redhatenterprise_linux_workstation
6.0
opensuseevergreen
11.4
opensuseopensuse
13.1
opensuseopensuse
13.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
xenial
Fixed 1:20160512.1-0ubuntu0.16.04.1
released
wily
Fixed 1:20160512.1-0ubuntu0.15.10.1
released
trusty
Fixed 1:20160512.1-0ubuntu0.14.04.1
released
precise
Fixed 1:20160512.1-0ubuntu0.12.04.1
released
flashplugin-nonfree
xenial
Fixed 11.2.202.621ubuntu0.16.04.1
released
wily
Fixed 11.2.202.621ubuntu0.15.10.1
released
trusty
Fixed 11.2.202.621ubuntu0.14.04.1
released
precise
Fixed 11.2.202.621ubuntu0.12.04.1
released
References
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.html
http://rhn.redhat.com/errata/RHSA-2016-1079.html
http://www.securityfocus.com/bid/90505
http://www.securitytracker.com/id/1035826
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
https://security.gentoo.org/glsa/201606-08
https://www.exploit-db.com/exploits/46339/
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.html
http://rhn.redhat.com/errata/RHSA-2016-1079.html
http://www.securityfocus.com/bid/90505
http://www.securitytracker.com/id/1035826
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
https://security.gentoo.org/glsa/201606-08
https://www.exploit-db.com/exploits/46339/