ID

VAR-201606-0043


CVE

CVE-2016-4161


TITLE

Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-003277

DESCRIPTION

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163. Limited information is currently available regarding this issue. We will update this BID as more information emerges. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Flash Player, Adobe AIR SDK and Adobe AIR SDK & Compiler are all products of American Adobe (Adobe). Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 21.0.0.226 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.343 and earlier versions, AIR Desktop Runtime 21.0.0.198 and earlier versions, based on Windows , Macintosh, Linux and ChromeOS platforms Adobe Flash Player for Google Chrome 21.0.0.216 and previous versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 21.0.0.241 and previous versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 21.0.0.241 and earlier versions, Adobe Flash Player for Linux 11.2.202.616 and earlier versions based on Linux platforms, AIR SDK 21.0.0.198 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 21.0.0.198 and earlier versions. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: <code> # emerge --sync # emerge --ask --oneshot --verbose "www-plugins/adobe-flash-11.2.202.626" References ========== [ 1 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 2 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 3 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 4 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 5 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 6 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 7 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 8 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 9 ] CVE-2016-4121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4121 [ 10 ] CVE-2016-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4160 [ 11 ] CVE-2016-4161 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4161 [ 12 ] CVE-2016-4162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4162 [ 13 ] CVE-2016-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4163 [ 14 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 15 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 16 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201606-08 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.16

sources: NVD: CVE-2016-4161 // JVNDB: JVNDB-2016-003277 // BID: 90618 // VULHUB: VHN-92980 // VULMON: CVE-2016-4161 // PACKETSTORM: 137537

AFFECTED PRODUCTS

vendor:adobemodel:air desktop runtimescope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash player desktop runtimescope:lteversion:21.0.0.226

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:18.0.0.343

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.216

Trust: 1.0

vendor:adobemodel:air sdkscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:air sdk \& compilerscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.241

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:11.2.202.616

Trust: 1.0

vendor:googlemodel:chromescope: - version: -

Trust: 0.8

vendor:adobemodel:airscope:ltversion:desktop runtime 21.0.0.215 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:air sdkscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:air sdk & compilerscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.2.202.621 (linux)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows 10/8.1 edition microsoft edge/internet explorer 11)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows/macintosh/linux/chromeos edition chrome)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:desktop runtime 21.0.0.242 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:continuous support release 18.0.0.352 (windows/macintosh)

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows rt 8.1scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 0.8

vendor:microsoftmodel:windows 10scope: - version: -

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.289.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.283.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.246.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.155.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.35.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.34.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.73.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.70.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.69.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.68.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.67.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.66.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.61.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.60.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.53.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.24.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.19.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.14.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.235

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.233

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.229

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.112.61

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.4

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9130

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2080

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2070

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.1.0.4880

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.0

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1.1961

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19140

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2.12610

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.01

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.0

Trust: 0.3

sources: BID: 90618 // JVNDB: JVNDB-2016-003277 // CNNVD: CNNVD-201606-422 // NVD: CVE-2016-4161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4161
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4161
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201606-422
value: CRITICAL

Trust: 0.6

VULHUB: VHN-92980
value: HIGH

Trust: 0.1

VULMON: CVE-2016-4161
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4161
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-92980
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4161
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-4161
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-92980 // VULMON: CVE-2016-4161 // JVNDB: JVNDB-2016-003277 // CNNVD: CNNVD-201606-422 // NVD: CVE-2016-4161

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-92980 // JVNDB: JVNDB-2016-003277 // NVD: CVE-2016-4161

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 137537 // CNNVD: CNNVD-201606-422

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201606-422

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003277

PATCH

title:APSB16-15url:http://helpx.adobe.com/security/products/flash-player/apsb16-15.html

Trust: 0.8

title:APSB16-15url:https://helpx.adobe.com/jp/security/products/flash-player/apsb16-15.html

Trust: 0.8

title:Google Chrome を更新するurl:https://support.google.com/chrome/answer/95414?hl=ja

Trust: 0.8

title:Google Chromeurl:https://www.google.com/intl/ja/chrome/browser/features.html

Trust: 0.8

title:Chrome Releasesurl:http://googlechromereleases.blogspot.jp/

Trust: 0.8

title:MS16-064url:https://technet.microsoft.com/en-us/library/security/ms16-064.aspx

Trust: 0.8

title:MS16-064url:https://technet.microsoft.com/ja-jp/library/security/ms16-064.aspx

Trust: 0.8

title:Multiple Adobe Product security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=62351

Trust: 0.6

title:CVE-Studyurl:https://github.com/thdusdl1219/CVE-Study

Trust: 0.1

sources: VULMON: CVE-2016-4161 // JVNDB: JVNDB-2016-003277 // CNNVD: CNNVD-201606-422

EXTERNAL IDS

db:NVDid:CVE-2016-4161

Trust: 3.0

db:BIDid:90618

Trust: 2.1

db:JVNDBid:JVNDB-2016-003277

Trust: 0.8

db:CNNVDid:CNNVD-201606-422

Trust: 0.7

db:VULHUBid:VHN-92980

Trust: 0.1

db:VULMONid:CVE-2016-4161

Trust: 0.1

db:PACKETSTORMid:137537

Trust: 0.1

sources: VULHUB: VHN-92980 // VULMON: CVE-2016-4161 // BID: 90618 // JVNDB: JVNDB-2016-003277 // PACKETSTORM: 137537 // CNNVD: CNNVD-201606-422 // NVD: CVE-2016-4161

REFERENCES

url:https://security.gentoo.org/glsa/201606-08

Trust: 1.9

url:http://www.securityfocus.com/bid/90618

Trust: 1.8

url:https://helpx.adobe.com/security/products/flash-player/apsb16-15.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-1079.html

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4161

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20160511-adobeflashplayer.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2016/at160024.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4161

Trust: 0.8

url:http://www.npa.go.jp/cyberpolice/topics/?seq=18389

Trust: 0.8

url:http://www.adobe.com

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/thdusdl1219/cve-study

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4163

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4117

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4120

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4162

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4117

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4121

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4121

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1019

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4161

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4171

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4120

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4171

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4161

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1019

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4162

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4163

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

sources: VULHUB: VHN-92980 // VULMON: CVE-2016-4161 // BID: 90618 // JVNDB: JVNDB-2016-003277 // PACKETSTORM: 137537 // CNNVD: CNNVD-201606-422 // NVD: CVE-2016-4161

CREDITS

Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, Wen Guanxing from Pangu LAB and willJ of Tencent PC Manager.

Trust: 0.3

sources: BID: 90618

SOURCES

db:VULHUBid:VHN-92980
db:VULMONid:CVE-2016-4161
db:BIDid:90618
db:JVNDBid:JVNDB-2016-003277
db:PACKETSTORMid:137537
db:CNNVDid:CNNVD-201606-422
db:NVDid:CVE-2016-4161

LAST UPDATE DATE

2024-08-14T13:32:06.972000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-92980date:2022-12-14T00:00:00
db:VULMONid:CVE-2016-4161date:2022-12-14T00:00:00
db:BIDid:90618date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2016-003277date:2016-06-21T00:00:00
db:CNNVDid:CNNVD-201606-422date:2022-12-16T00:00:00
db:NVDid:CVE-2016-4161date:2022-12-14T17:22:45.223

SOURCES RELEASE DATE

db:VULHUBid:VHN-92980date:2016-06-16T00:00:00
db:VULMONid:CVE-2016-4161date:2016-06-16T00:00:00
db:BIDid:90618date:2016-05-12T00:00:00
db:JVNDBid:JVNDB-2016-003277date:2016-06-21T00:00:00
db:PACKETSTORMid:137537date:2016-06-18T13:14:00
db:CNNVDid:CNNVD-201606-422date:2016-06-17T00:00:00
db:NVDid:CVE-2016-4161date:2016-06-16T14:59:43.953