Sign-up

ID

VAR-201606-0042


CVE

CVE-2016-4160


TITLE

Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-003276

DESCRIPTION

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163. Limited information is currently available regarding this issue. We will update this BID as more information emerges. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Flash Player, Adobe AIR SDK and Adobe AIR SDK & Compiler are all products of American Adobe (Adobe). Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 21.0.0.226 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.343 and earlier versions, AIR Desktop Runtime 21.0.0.198 and earlier versions, based on Windows , Macintosh, Linux and ChromeOS platforms Adobe Flash Player for Google Chrome 21.0.0.216 and previous versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 21.0.0.241 and previous versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 21.0.0.241 and earlier versions, Adobe Flash Player for Linux 11.2.202.616 and earlier versions based on Linux platforms, AIR SDK 21.0.0.198 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 21.0.0.198 and earlier versions. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: <code> # emerge --sync # emerge --ask --oneshot --verbose "www-plugins/adobe-flash-11.2.202.626" References ========== [ 1 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 2 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 3 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 4 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 5 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 6 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 7 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 8 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 9 ] CVE-2016-4121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4121 [ 10 ] CVE-2016-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4160 [ 11 ] CVE-2016-4161 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4161 [ 12 ] CVE-2016-4162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4162 [ 13 ] CVE-2016-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4163 [ 14 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 15 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 16 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201606-08 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.16

sources: NVD: CVE-2016-4160 // JVNDB: JVNDB-2016-003276 // BID: 90618 // VULHUB: VHN-92979 // VULMON: CVE-2016-4160 // PACKETSTORM: 137537

AFFECTED PRODUCTS

vendor:adobemodel:air desktop runtimescope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash player desktop runtimescope:lteversion:21.0.0.226

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:18.0.0.343

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.216

Trust: 1.0

vendor:adobemodel:air sdkscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:air sdk \& compilerscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.241

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:11.2.202.616

Trust: 1.0

vendor:googlemodel:chromescope: - version: -

Trust: 0.8

vendor:adobemodel:airscope:ltversion:desktop runtime 21.0.0.215 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:air sdkscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:air sdk & compilerscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.2.202.621 (linux)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows 10/8.1 edition microsoft edge/internet explorer 11)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows/macintosh/linux/chromeos edition chrome)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:desktop runtime 21.0.0.242 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:continuous support release 18.0.0.352 (windows/macintosh)

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows rt 8.1scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 0.8

vendor:applemodel:mac os xscope: - version: -

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.289.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.283.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.246.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.155.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.35.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.34.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.73.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.70.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.69.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.68.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.67.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.66.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.61.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.60.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.53.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.24.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.19.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.14.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.235

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.233

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.229

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.112.61

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.4

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9130

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2080

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2070

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.1.0.4880

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.0

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1.1961

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19140

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2.12610

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.01

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.0

Trust: 0.3

sources: BID: 90618 // JVNDB: JVNDB-2016-003276 // CNNVD: CNNVD-201606-421 // NVD: CVE-2016-4160

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4160
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4160
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201606-421
value: CRITICAL

Trust: 0.6

VULHUB: VHN-92979
value: HIGH

Trust: 0.1

VULMON: CVE-2016-4160
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4160
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-92979
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4160
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-4160
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-92979 // VULMON: CVE-2016-4160 // JVNDB: JVNDB-2016-003276 // CNNVD: CNNVD-201606-421 // NVD: CVE-2016-4160

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-92979 // JVNDB: JVNDB-2016-003276 // NVD: CVE-2016-4160

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 137537 // CNNVD: CNNVD-201606-421

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201606-421

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-003276

PATCH
title:APSB16-15url:http://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Trust: 0.8
title:APSB16-15url:https://helpx.adobe.com/jp/security/products/flash-player/apsb16-15.html
Trust: 0.8
title:Google Chrome を更新するurl:https://support.google.com/chrome/answer/95414?hl=ja
Trust: 0.8
title:Google Chromeurl:https://www.google.com/intl/ja/chrome/browser/features.html
Trust: 0.8
title:Chrome Releasesurl:http://googlechromereleases.blogspot.jp/
Trust: 0.8
title:MS16-064url:https://technet.microsoft.com/en-us/library/security/ms16-064.aspx
Trust: 0.8
title:MS16-064url:https://technet.microsoft.com/ja-jp/library/security/ms16-064.aspx
Trust: 0.8
title:Multiple Adobe Product security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=62350
Trust: 0.6
title:CVE-Studyurl:https://github.com/thdusdl1219/CVE-Study 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2016-4160 // 
            
            
            
            JVNDB: JVNDB-2016-003276 // 
            
            
            
            CNNVD: CNNVD-201606-421

EXTERNAL IDS
db:NVDid:CVE-2016-4160
Trust: 3.0
db:BIDid:90618
Trust: 2.1
db:JVNDBid:JVNDB-2016-003276
Trust: 0.8
db:CNNVDid:CNNVD-201606-421
Trust: 0.7
db:VULHUBid:VHN-92979
Trust: 0.1
db:VULMONid:CVE-2016-4160
Trust: 0.1
db:PACKETSTORMid:137537
Trust: 0.1
sources:
            
            
            VULHUB: VHN-92979 // 
            
            
            
            VULMON: CVE-2016-4160 // 
            
            
            
            BID: 90618 // 
            
            
            
            JVNDB: JVNDB-2016-003276 // 
            
            
            
            PACKETSTORM: 137537 // 
            
            
            
            CNNVD: CNNVD-201606-421 // 
            
            
            
            NVD: CVE-2016-4160

REFERENCES
url:https://security.gentoo.org/glsa/201606-08
Trust: 1.9
url:http://www.securityfocus.com/bid/90618
Trust: 1.8
url:https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Trust: 1.8
url:http://rhn.redhat.com/errata/rhsa-2016-1079.html
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4160
Trust: 0.8
url:https://www.ipa.go.jp/security/ciadr/vul/20160511-adobeflashplayer.html
Trust: 0.8
url:https://www.jpcert.or.jp/at/2016/at160024.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4160
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/topics/?seq=18389
Trust: 0.8
url:http://www.adobe.com
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/thdusdl1219/cve-study
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4163
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4160
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4160
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4117
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4120
Trust: 0.1
url:https://security.gentoo.org/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4162
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4117
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4121
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4121
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1019
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4161
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4171
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4120
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4171
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4161
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1019
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4162
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4163
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
sources:
            
            
            VULHUB: VHN-92979 // 
            
            
            
            VULMON: CVE-2016-4160 // 
            
            
            
            BID: 90618 // 
            
            
            
            JVNDB: JVNDB-2016-003276 // 
            
            
            
            PACKETSTORM: 137537 // 
            
            
            
            CNNVD: CNNVD-201606-421 // 
            
            
            
            NVD: CVE-2016-4160

CREDITS
Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, Wen Guanxing from Pangu LAB and willJ of Tencent PC Manager.
Trust: 0.3
sources:
            
            
            BID: 90618

SOURCES
db:VULHUBid:VHN-92979
db:VULMONid:CVE-2016-4160
db:BIDid:90618
db:JVNDBid:JVNDB-2016-003276
db:PACKETSTORMid:137537
db:CNNVDid:CNNVD-201606-421
db:NVDid:CVE-2016-4160

LAST UPDATE DATE
2024-08-14T13:32:19.061000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-92979date:2022-12-14T00:00:00
db:VULMONid:CVE-2016-4160date:2022-12-14T00:00:00
db:BIDid:90618date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2016-003276date:2016-06-21T00:00:00
db:CNNVDid:CNNVD-201606-421date:2022-12-16T00:00:00
db:NVDid:CVE-2016-4160date:2022-12-14T17:29:15.353

SOURCES RELEASE DATE
db:VULHUBid:VHN-92979date:2016-06-16T00:00:00
db:VULMONid:CVE-2016-4160date:2016-06-16T00:00:00
db:BIDid:90618date:2016-05-12T00:00:00
db:JVNDBid:JVNDB-2016-003276date:2016-06-21T00:00:00
db:PACKETSTORMid:137537date:2016-06-18T13:14:00
db:CNNVDid:CNNVD-201606-421date:2016-06-17T00:00:00
db:NVDid:CVE-2016-4160date:2016-06-16T14:59:43.030