ByteOS Network

NVD Vulnerability Details :

CVE-2016-4117

Analyzed

Source-psirt@adobe.com

View Known Exploited Vulnerability (KEV) details

Published At-11 May, 2016 | 01:59

Updated At-21 Apr, 2026 | 21:07

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2022-03-03	2022-03-24	Adobe Flash Player Arbitrary Code Execution Vulnerability	The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2022-03-03

Due Date: 2022-03-24

Vulnerability Name: Adobe Flash Player Arbitrary Code Execution Vulnerability

Required Action: The impacted product is end-of-life and should be disconnected if still in use.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 10.0

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Adobe Inc.

>>flash_player>>Versions up to 21.0.0.226(inclusive)

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_desktop>>5.0

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_desktop>>6.0

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server>>5.0

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server>>6.0

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_from_rhui>>5.0

cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_from_rhui>>6.0

cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_workstation>>5.0

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_workstation>>6.0

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

openSUSE

>>evergreen>>11.4

cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*

openSUSE

>>opensuse>>13.1

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

openSUSE

>>opensuse>>13.2

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

SUSE

>>linux_enterprise_desktop>>12

cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

SUSE

>>linux_enterprise_desktop>>12

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*

SUSE

>>linux_enterprise_workstation_extension>>12

cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*

SUSE

>>linux_enterprise_workstation_extension>>12

cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html	psirt@adobe.com	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html	psirt@adobe.com	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.html	psirt@adobe.com	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.html	psirt@adobe.com	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1079.html	psirt@adobe.com	Third Party Advisory
http://www.securityfocus.com/bid/90505	psirt@adobe.com	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035826	psirt@adobe.com	Broken Link Third Party Advisory VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html	psirt@adobe.com	Broken Link Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html	psirt@adobe.com	Broken Link
https://security.gentoo.org/glsa/201606-08	psirt@adobe.com	Third Party Advisory
https://www.exploit-db.com/exploits/46339/	psirt@adobe.com	Exploit Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00046.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00047.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1079.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.securityfocus.com/bid/90505	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035826	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
https://security.gentoo.org/glsa/201606-08	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.exploit-db.com/exploits/46339/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://github.com/cisagov/vulnrichment/issues/196	134c704f-9b21-4f2e-91b3-4a467353bcc0	Issue Tracking
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4117	134c704f-9b21-4f2e-91b3-4a467353bcc0	US Government Resource