Description
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/40089
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036117
Patch, Third Party Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083
Broken Link, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2016:1238
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40089/
Broken Link, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
Broken Link, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
Scores
CVSS v3
8.8
EPSS
0.3503
EPSS Percentile
97.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
Status
published
Products (15)
adobe/flash_player
adobe/flash_player
< 11.2.202.621
adobe/flash_player
< 18.0.0.352
adobe/flash_player
< 21.0.0.242 (3 CPE variants)
adobe/flash_player_desktop_runtime
< 21.0.0.242
opensuse/opensuse
13.1
opensuse/opensuse
13.2
redhat/enterprise_linux_desktop
5.0
redhat/enterprise_linux_desktop
6.0
redhat/enterprise_linux_server
5.0
... and 5 more
Published
Jun 16, 2016
Tracked Since
Feb 18, 2026