CVE-2016-4115
Published on: 05/11/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:26:58 PM UTC
Certain versions of Flash Player from Adobe contain the following vulnerability:
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- CVE-2016-4115 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | HIGH | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.6 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | HIGH | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker | www.securitytracker.com text/html | SECTRACK 1035827 |
[security-announce] SUSE-SU-2016:1305-1: important: Security update for | lists.opensuse.org text/html | SUSE SUSE-SU-2016:1305 |
Adobe Security Bulletin | helpx.adobe.com text/html | CONFIRM helpx.adobe.com/security/products/flash-player/apsb16-15.html |
Microsoft Security Bulletin MS16-064 - Critical | Microsoft Docs | docs.microsoft.com text/html | MS MS16-064 |
Adobe Flash Player and AIR APSB16-15 Multiple Unspecified Memory Corruption Vulnerabilities | cve.report (archive) text/html | BID 90618 |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived | REDHAT RHSA-2016:1079 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Adobe | Flash Player | All | All | All | All |
Application | Microsoft | Edge | - | All | All | All |
Application | Microsoft | Edge | - | All | All | All |
Application | Microsoft | Internet Explorer | 10 | All | All | All |
Application | Microsoft | Internet Explorer | 11 | - | All | All |
Application | Microsoft | Internet Explorer | 10 | All | All | All |
Application | Microsoft | Internet Explorer | 11 | - | All | All |
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE