Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-5021

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-13 Nov, 2008 | 11:00
Updated At-07 Aug, 2024 | 10:40
Rejected At-
Credits

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:13 Nov, 2008 | 11:00
Updated At:07 Aug, 2024 | 10:40
Rejected At:
▼CVE Numbering Authority (CNA)

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2008/3146
vdb-entry
x_refsource_VUPEN
http://www.debian.org/security/2009/dsa-1697
vendor-advisory
x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1671
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/bid/32281
vdb-entry
x_refsource_BID
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/32713
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0977.html
vendor-advisory
x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
vendor-advisory
x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2009/0977
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/32695
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0978.html
vendor-advisory
x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1669
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/32778
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0976.html
vendor-advisory
x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/33433
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
vendor-advisory
x_refsource_SUNALERT
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/32694
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/32721
third-party-advisory
x_refsource_SECUNIA
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
third-party-advisory
x_refsource_CERT
https://bugzilla.mozilla.org/show_bug.cgi?id=460002
x_refsource_MISC
http://secunia.com/advisories/32853
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1696
vendor-advisory
x_refsource_DEBIAN
http://www.securitytracker.com/id?1021186
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/32715
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/32693
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/32845
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/33434
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/32798
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/32684
third-party-advisory
x_refsource_SECUNIA
http://ubuntu.com/usn/usn-667-1
vendor-advisory
x_refsource_UBUNTU
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/32714
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/34501
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2008/3146
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.debian.org/security/2009/dsa-1697
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.debian.org/security/2008/dsa-1671
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/bid/32281
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/32713
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0977.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.vupen.com/english/advisories/2009/0977
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/32695
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0978.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2008/dsa-1669
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/32778
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0976.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/33433
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/32694
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/32721
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-319A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=460002
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/32853
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2009/dsa-1696
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securitytracker.com/id?1021186
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/32715
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/32693
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/32845
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/33434
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/32798
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/32684
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://ubuntu.com/usn/usn-667-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/32714
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/34501
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2008/3146
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.debian.org/security/2009/dsa-1697
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.debian.org/security/2008/dsa-1671
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/bid/32281
vdb-entry
x_refsource_BID
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/32713
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0977.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.vupen.com/english/advisories/2009/0977
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/32695
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0978.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.debian.org/security/2008/dsa-1669
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/32778
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0976.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/33433
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/32694
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/32721
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
third-party-advisory
x_refsource_CERT
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=460002
x_refsource_MISC
x_transferred
http://secunia.com/advisories/32853
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2009/dsa-1696
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securitytracker.com/id?1021186
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/32715
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/32693
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/32845
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/33434
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/32798
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/32684
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://ubuntu.com/usn/usn-667-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/32714
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/34501
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/3146
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.debian.org/security/2009/dsa-1697
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.debian.org/security/2008/dsa-1671
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/32281
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/32713
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0977.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2009/0977
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/32695
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0978.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2008/dsa-1669
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/32778
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0976.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/33433
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/32694
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/32721
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-319A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=460002
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/32853
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2009/dsa-1696
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securitytracker.com/id?1021186
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/32715
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/32693
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/32845
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/33434
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/32798
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/32684
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://ubuntu.com/usn/usn-667-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/32714
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/34501
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:13 Nov, 2008 | 11:30
Updated At:02 Feb, 2024 | 17:07

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Mozilla Corporation
mozilla
>>firefox>>Versions from 2.0(inclusive) to 2.0.0.18(exclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>Versions from 3.0(inclusive) to 3.0.4(exclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>seamonkey>>Versions from 1.0(inclusive) to 1.1.13(exclusive)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>Versions from 2.0(inclusive) to 2.0.0.18(exclusive)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>7.10
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>8.04
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>8.10
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>8
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>9
cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_debuginfo>>10
cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*
Novell
novell
>>linux_desktop>>9
cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*
Novell
novell
>>open_enterprise_server>>-
cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>10.2
cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>10.3
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>11.0
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_desktop>>10
cpe:2.3:o:suse:linux_enterprise_desktop:10:-:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_server>>9
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_server>>10
cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_software_development_kit>>10
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_software_development_kit>>10
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Primarynvd@nist.gov
CWE ID: CWE-362
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://secunia.com/advisories/32684secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32693secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32694secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32695secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32713secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32714secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32715secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32721secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32778secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32798secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32845secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/32853secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/33433secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/33434secalert@redhat.com
Broken Link
Third Party Advisory
http://secunia.com/advisories/34501secalert@redhat.com
Broken Link
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1secalert@redhat.com
Broken Link
http://ubuntu.com/usn/usn-667-1secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2008/dsa-1669secalert@redhat.com
Mailing List
Third Party Advisory
http://www.debian.org/security/2008/dsa-1671secalert@redhat.com
Mailing List
Third Party Advisory
http://www.debian.org/security/2009/dsa-1696secalert@redhat.com
Mailing List
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697secalert@redhat.com
Mailing List
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228secalert@redhat.com
Broken Link
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230secalert@redhat.com
Broken Link
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235secalert@redhat.com
Broken Link
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-55.htmlsecalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0976.htmlsecalert@redhat.com
Broken Link
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0977.htmlsecalert@redhat.com
Broken Link
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0978.htmlsecalert@redhat.com
Broken Link
Third Party Advisory
http://www.securityfocus.com/bid/32281secalert@redhat.com
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1021186secalert@redhat.com
Broken Link
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-319A.htmlsecalert@redhat.com
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/3146secalert@redhat.com
Broken Link
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977secalert@redhat.com
Broken Link
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=460002secalert@redhat.com
Issue Tracking
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642secalert@redhat.com
Broken Link
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32684
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32693
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32694
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32695
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32713
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32714
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32715
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32721
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32778
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32798
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32845
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/32853
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/33433
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/33434
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://secunia.com/advisories/34501
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://ubuntu.com/usn/usn-667-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2008/dsa-1669
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.debian.org/security/2008/dsa-1671
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.debian.org/security/2009/dsa-1696
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.debian.org/security/2009/dsa-1697
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0976.html
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0977.html
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0978.html
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/32281
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1021186
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-319A.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2008/3146
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2009/0977
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=460002
Source: secalert@redhat.com
Resource:
Issue Tracking
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
Source: secalert@redhat.com
Resource:
Broken Link
Third Party Advisory
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

889Records found
CVE-2008-4063
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.3||HIGH
EPSS-2.85% / 85.70%
||
7 Day CHG~0.00%
Published-24 Sep, 2008 | 18:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.

Action-Not Available
Vendor-n/aMozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxn/a
CVE-2016-7913
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-1.07% / 76.85%
||
7 Day CHG~0.00%
Published-16 Nov, 2016 | 04:49
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2008-2712
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-9.99% / 92.75%
||
7 Day CHG~0.00%
Published-16 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.

Action-Not Available
Vendor-n/aVimCanonical Ltd.
Product-ubuntu_linuxvimn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2908
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-59.53% / 98.17%
||
7 Day CHG~0.00%
Published-30 Jun, 2008 | 18:00
Updated-07 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aNovell
Product-iprint_clientn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-6299
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.10%
||
7 Day CHG~0.00%
Published-14 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.

Action-Not Available
Vendor-mock_projectn/aFedora Project
Product-scm_pluginfedoran/a
CVE-2008-3282
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.62% / 69.14%
||
7 Day CHG~0.00%
Published-29 Aug, 2008 | 18:00
Updated-17 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.

Action-Not Available
Vendor-n/aThe Apache Software FoundationFedora Project
Product-fedoraopenofficen/a
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2016-4146
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2008-2785
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-9.52% / 92.53%
||
7 Day CHG~0.00%
Published-19 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxthunderbirdseamonkeyn/a
CWE ID-CWE-189
Not Available
CVE-2016-4135
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-35.23% / 96.91%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4123
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG-0.01%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4127
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4130
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4144
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4148
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4150
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.13% / 88.18%
||
7 Day CHG+1.03%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4151
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.13% / 88.18%
||
7 Day CHG+1.03%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4132
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4124
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG-0.01%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4128
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4131
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4143
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4140
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4122
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG-0.01%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4145
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4139
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4141
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4156
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-6.25% / 90.52%
||
7 Day CHG+1.71%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4155
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.13% / 88.18%
||
7 Day CHG+1.03%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4133
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4129
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.18% / 83.68%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4137
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-40.17% / 97.24%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4142
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4152
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.13% / 88.18%
||
7 Day CHG+1.03%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_serverchrome_oslinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4738
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-7.63% / 91.49%
||
7 Day CHG~0.00%
Published-25 Sep, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.
Product-watchosdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4147
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.70% / 87.47%
||
7 Day CHG+1.52%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-chrome_osenterprise_linux_serverlinux_kernelmacoslinux_enterprise_desktopwindows_8.1windows_10flash_playeropensuseflash_player_desktop_runtimeenterprise_linux_desktopwindows_rt_8.1windowsenterprise_linux_workstationlinux_enterprise_workstation_extensionwindows_server_2012n/a
CVE-2016-4149
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.95% / 85.93%
||
7 Day CHG+0.77%
Published-16 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncSUSERed Hat, Inc.Google LLCApple Inc.Microsoft Corporation
Product-flash_playerchrome_osenterprise_linux_serverlinux_kernellinux_enterprise_workstation_extensionopensuseflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1mac_os_xwindows_10n/a
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2016-3679
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-29 Mar, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSECanonical Ltd.
Product-v8opensuseubuntu_linuxchromen/a
CVE-2015-4493
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.3||HIGH
EPSS-10.72% / 93.03%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSEOracle CorporationCanonical Ltd.
Product-firefoxopensuseubuntu_linuxsolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2069
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-14.96% / 94.29%
||
7 Day CHG~0.00%
Published-02 May, 2008 | 23:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI.

Action-Not Available
Vendor-n/aNovell
Product-groupwisen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2431
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-32.80% / 96.73%
||
7 Day CHG~0.00%
Published-26 Nov, 2008 | 01:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-2799
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-13 Mar, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

Action-Not Available
Vendor-siln/aMozilla CorporationopenSUSESUSEOracle Corporation
Product-leapopensusefirefoxgraphite2linuxlinux_enterprisen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-2794
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.80% / 82.05%
||
7 Day CHG~0.00%
Published-13 Mar, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

Action-Not Available
Vendor-siln/aMozilla CorporationopenSUSESUSEOracle Corporation
Product-leapfirefoxopensusegraphite2linuxlinux_enterprisen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1935
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.04%
||
7 Day CHG~0.00%
Published-31 Jan, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.

Action-Not Available
Vendor-n/aMozilla CorporationOracle CorporationopenSUSE
Product-leapopensusefirefoxlinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-2834
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.55% / 80.69%
||
7 Day CHG~0.00%
Published-13 Jun, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSENovellCanonical Ltd.
Product-leapopensusefirefoxubuntu_linuxsuse_linux_enterprise_serversuse_linux_enterprise_desktopnetwork_security_servicessuse_linux_enterprise_software_development_kitn/a
CVE-2016-1834
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-2.82% / 85.60%
||
7 Day CHG+1.11%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxMcAfee, LLCRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_auslibxml2watchosubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2436
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-18.62% / 95.02%
||
7 Day CHG~0.00%
Published-05 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.

Action-Not Available
Vendor-n/aNovell
Product-iprint_clientn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2016-1945
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.67% / 70.48%
||
7 Day CHG~0.00%
Published-31 Jan, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSE
Product-leapfirefoxopensusen/a
CVE-2016-2334
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-16.30% / 94.58%
||
7 Day CHG~0.00%
Published-13 Dec, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.

Action-Not Available
Vendor-7-zipn/aFedora ProjectOracle Corporation
Product-7-zipfedorasolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1646
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-71.72% / 98.67%
||
7 Day CHG~0.00%
Published-29 Mar, 2016 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-22||Apply updates per vendor instructions.

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.

Action-Not Available
Vendor-n/aSUSERed Hat, Inc.Google LLCopenSUSECanonical Ltd.Debian GNU/Linux
Product-enterprise_linux_serverpackage_hubenterprise_linux_eusleapopensuseubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxn/aChromium V8
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-1645
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-2.78% / 85.49%
||
7 Day CHG~0.00%
Published-13 Mar, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxopenSUSE
Product-leapopensusesuse_linux_enterprise_serverchromedebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 17
  • 18
  • Next
Details not found