CVE-2016-4108
Published on: 05/11/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:26:58 PM UTC
Certain versions of Flash Player from Adobe contain the following vulnerability:
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- CVE-2016-4108 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | HIGH | NONE | REQUIRED | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.6 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | HIGH | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker | www.securitytracker.com text/html |
![]() |
[security-announce] SUSE-SU-2016:1305-1: important: Security update for | lists.opensuse.org text/html |
![]() |
Adobe Security Bulletin | helpx.adobe.com text/html |
![]() |
Microsoft Security Bulletin MS16-064 - Critical | Microsoft Docs | docs.microsoft.com text/html |
![]() |
Adobe Flash - addProperty Use-After-Free - Multiple dos Exploit | www.exploit-db.com Proof of Concept text/html |
![]() |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
![]() |
Adobe Flash addProperty Use-After-Free ≈ Packet Storm | packetstormsecurity.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Adobe | Flash Player | All | All | All | All |
Application | Microsoft | Edge | - | All | All | All |
Application | Microsoft | Edge | - | All | All | All |
Application | Microsoft | Internet Explorer | 10 | All | All | All |
Application | Microsoft | Internet Explorer | 11 | - | All | All |
Application | Microsoft | Internet Explorer | 10 | All | All | All |
Application | Microsoft | Internet Explorer | 11 | - | All | All |
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE