CVE-2016-4171critical
Description
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
References
https://helpx.adobe.com/security/products/flash-player/apsa16-03.html
https://access.redhat.com/errata/RHSA-2016:1238
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
http://www.securityfocus.com/bid/91184
https://security.gentoo.org/glsa/201606-08
http://www.securitytracker.com/id/1036094
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
https://www.kb.cert.org/vuls/id/748992
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
Details
Source: MITRE
Published: 2016-06-16
Updated: 2021-11-26
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 10
Severity: HIGH
CVSS v3
Base Score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL