CVE-2016-4117
CVE-2016-4117
In short
Adobe Flash Player versions up to 21.0.0.226 contain a vulnerability that allows attackers to run malicious code on a user's computer. This flaw was actively exploited by criminals in May 2016, making it a critical security threat.
Technical detail
A remote code execution vulnerability exists in Adobe Flash Player 21.0.0.226 and earlier through unspecified attack vectors. The vulnerability was actively exploited in the wild in May 2016, indicating high practical exploitability and demonstrating arbitrary code execution capability on affected systems.
Summary generated and translated by AI from the official description.
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/amit-raut/CVE-2016-4117-Report★ 1exploitdbwww.exploit-db.com/exploits/46339unverifiedcve_referencewww.exploit-db.com/exploits/46339/unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1079.htmlhttps://github.com/cisagov/vulnrichment/issues/196https://helpx.adobe.com/security/products/flash-player/apsa16-02.htmlhttps://helpx.adobe.com/security/products/flash-player/apsb16-15.htmlhttps://security.gentoo.org/glsa/201606-08https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4117https://www.exploit-db.com/exploits/46339/http://www.securityfocus.com/bid/90505