7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.94 High
EPSS
Percentile
99.1%
05/12/2016
Critical
Type confusion, use-after-free, buffer overflow, memory corruption and unsafe search path vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely.
Adobe Flash Player versions earlier than 21.0.0.242
Adobe Flash Player Extended Support Release versions earlier than 18.0.0.532
Adobe Flash Player for Linux versions earlier than 11.2.202.621
Adobe AIR versions earlier than 21.0.0.215
Update to the latest version
Adobe Flash Player download page
Adobe AIR download page
ACE
CVE-2016-11107.6Critical
CVE-2016-41167.6Critical
CVE-2016-41137.6Critical
CVE-2016-41127.6Critical
CVE-2016-41157.6Critical
CVE-2016-41147.6Critical
CVE-2016-11037.6Critical
CVE-2016-11027.6Critical
CVE-2016-11017.6Critical
CVE-2016-11007.6Critical
CVE-2016-11077.6Critical
CVE-2016-11067.6Critical
CVE-2016-11057.6Critical
CVE-2016-11047.6Critical
CVE-2016-11097.6Critical
CVE-2016-11087.6Critical
CVE-2016-41107.6Critical
CVE-2016-41117.6Critical
CVE-2016-41087.6Critical
CVE-2016-41097.6Critical
CVE-2016-10967.6Critical
CVE-2016-10977.6Critical
CVE-2016-10987.6Critical
CVE-2016-10997.6Critical
Public exploits exist for this vulnerability.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1098
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4116
get.adobe.com/air/
get.adobe.com/flashplayer/
helpx.adobe.com/security/products/flash-player/apsb16-15.html
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/
threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/
threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.94 High
EPSS
Percentile
99.1%