Lucene search

AdobeCVE-2016-0967

HistoryFeb 10, 2016 - 8:59 p.m.

CVE-2016-0967

2016-02-1020:59:14

CWE-787

adobe

web.nvd.nist.gov

cve-2016-0967

adobe flash player

adobe air

memory corruption

arbitrary code execution

denial of service

nvd

vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.471

Percentile

97.5%

JSON

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.

Affected configurations

Nvd

Node

adobeflash_playerRange≤11.2.202.559

AND

linuxlinux_kernelMatch-

Node

adobeflash_player_desktop_runtimeRange≤20.0.0.286

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤18.0.0.326esr

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

microsoftwindows_8.1Match-

AND

adobeflash_playerRange≤20.0.0.272internet_explorer

Node

adobeflash_playerRange≤20.0.0.286chrome

AND

applemac_os_xMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

microsoftwindows_10Match-

AND

adobeflash_playerRange≤20.0.0.272edge

Node

adobeair_desktop_runtimeRange≤20.0.0.233

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤20.0.0.233

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

adobeair_sdk_\&_compilerRange≤20.0.0.233

AND

appleiphone_osMatch-

applemac_os_xMatch-

googleandroidMatch-

microsoftwindowsMatch-

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
adobeflash_player_desktop_runtime*cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
adobe	flash_player_desktop_runtime	*	cpe:2.3:a:adobe:flash_player_desktop_runtime::::::::
apple	mac_os_x	-	cpe:2.3:o:apple:mac_os_x:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player:::::esr:::*
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::internet_explorer::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::chrome::*