CVE-2016-4171

KEV

🔴 Łataj teraz

Nieokreślona podatność w Adobe Flash Player umożliwia zdalne wykonanie dowolnego kodu.

CVSS

9.8

EPSS

39.2%

Exploit

weaponized

Vendor

adobe

Opis źródłowy (NVD)

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

brak Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	9.8
CISA KEV (aktywnie wykorzystywane)	Tak
FIRST EPSS (prawdopodobieństwo exploita)	39.2%
Opublikowano (NVD)	2016-06-16 14:59:51 UTC
Ostatnia modyfikacja (NVD)	2026-04-21 21:07:11 UTC

Referencje

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html (psirt@adobe.com) [Mailing List, Third Party Advisory]
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html (psirt@adobe.com) [Mailing List, Third Party Advisory]
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html (psirt@adobe.com) [Mailing List, Third Party Advisory]
http://www.securityfocus.com/bid/91184 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
http://www.securitytracker.com/id/1036094 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
https://access.redhat.com/errata/RHSA-2016:1238 (psirt@adobe.com) [Third Party Advisory]
https://helpx.adobe.com/security/products/flash-player/apsa16-03.html (psirt@adobe.com) [Vendor Advisory]
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html (psirt@adobe.com) [Vendor Advisory]
https://security.gentoo.org/glsa/201606-08 (psirt@adobe.com) [Third Party Advisory]
https://www.kb.cert.org/vuls/id/748992 (psirt@adobe.com) [Third Party Advisory, US Government Resource]
https://github.com/cisagov/vulnrichment/issues/196 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [Issue Tracking]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4171 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]