ID

VAR-201606-0045


CVE

CVE-2016-4163


TITLE

Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-003279

DESCRIPTION

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162. Limited information is currently available regarding this issue. We will update this BID as more information emerges. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Flash Player, Adobe AIR SDK and Adobe AIR SDK & Compiler are all products of American Adobe (Adobe). Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 21.0.0.226 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.343 and earlier versions, AIR Desktop Runtime 21.0.0.198 and earlier versions, based on Windows , Macintosh, Linux and ChromeOS platforms Adobe Flash Player for Google Chrome 21.0.0.216 and previous versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 21.0.0.241 and previous versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 21.0.0.241 and earlier versions, Adobe Flash Player for Linux 11.2.202.616 and earlier versions based on Linux platforms, AIR SDK 21.0.0.198 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 21.0.0.198 and earlier versions. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: <code> # emerge --sync # emerge --ask --oneshot --verbose "www-plugins/adobe-flash-11.2.202.626" References ========== [ 1 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 2 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 3 ] CVE-2016-1019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1019 [ 4 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 5 ] CVE-2016-4117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4117 [ 6 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 7 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 8 ] CVE-2016-4120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4120 [ 9 ] CVE-2016-4121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4121 [ 10 ] CVE-2016-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4160 [ 11 ] CVE-2016-4161 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4161 [ 12 ] CVE-2016-4162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4162 [ 13 ] CVE-2016-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4163 [ 14 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 15 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 [ 16 ] CVE-2016-4171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4171 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201606-08 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.16

sources: NVD: CVE-2016-4163 // JVNDB: JVNDB-2016-003279 // BID: 90618 // VULHUB: VHN-92982 // VULMON: CVE-2016-4163 // PACKETSTORM: 137537

AFFECTED PRODUCTS

vendor:adobemodel:air desktop runtimescope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash player desktop runtimescope:lteversion:21.0.0.226

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:18.0.0.343

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.216

Trust: 1.0

vendor:adobemodel:air sdkscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:air sdk \& compilerscope:lteversion:21.0.0.198

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:21.0.0.241

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:11.2.202.616

Trust: 1.0

vendor:googlemodel:chromescope: - version: -

Trust: 0.8

vendor:adobemodel:airscope:ltversion:desktop runtime 21.0.0.215 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:air sdkscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:air sdk & compilerscope:ltversion:21.0.0.215 (windows/macintosh/android/ios)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.2.202.621 (linux)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows 10/8.1 edition microsoft edge/internet explorer 11)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:21.0.0.242 (windows/macintosh/linux/chromeos edition chrome)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:desktop runtime 21.0.0.242 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:continuous support release 18.0.0.352 (windows/macintosh)

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1511 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows rt 8.1scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:18.0.0.343

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.289.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.283.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.246.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.155.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.35.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.34.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.73.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.70.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.69.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.68.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.67.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.66.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.61.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.60.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.53.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.24.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.19.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.14.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.235

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.233

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.229

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.112.61

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.4

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9130

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2080

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.2.0.2070

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.1.0.4880

Trust: 0.3

vendor:adobemodel:airscope:eqversion:3.0

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1.1961

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.7

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19140

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19120

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.5.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2.12610

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.01

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.0

Trust: 0.3

sources: BID: 90618 // JVNDB: JVNDB-2016-003279 // CNNVD: CNNVD-201606-424 // NVD: CVE-2016-4163

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4163
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4163
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201606-424
value: CRITICAL

Trust: 0.6

VULHUB: VHN-92982
value: HIGH

Trust: 0.1

VULMON: CVE-2016-4163
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4163
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-92982
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4163
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-4163
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-92982 // VULMON: CVE-2016-4163 // JVNDB: JVNDB-2016-003279 // CNNVD: CNNVD-201606-424 // NVD: CVE-2016-4163

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-92982 // JVNDB: JVNDB-2016-003279 // NVD: CVE-2016-4163

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 137537 // CNNVD: CNNVD-201606-424

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201606-424

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003279

PATCH

title:APSB16-15url:http://helpx.adobe.com/security/products/flash-player/apsb16-15.html

Trust: 0.8

title:APSB16-15url:https://helpx.adobe.com/jp/security/products/flash-player/apsb16-15.html

Trust: 0.8

title:Google Chrome を更新するurl:https://support.google.com/chrome/answer/95414?hl=ja

Trust: 0.8

title:Google Chromeurl:https://www.google.com/intl/ja/chrome/browser/features.html

Trust: 0.8

title:Chrome Releasesurl:http://googlechromereleases.blogspot.jp/

Trust: 0.8

title:MS16-064url:https://technet.microsoft.com/en-us/library/security/ms16-064.aspx

Trust: 0.8

title:MS16-064url:https://technet.microsoft.com/ja-jp/library/security/ms16-064.aspx

Trust: 0.8

title:Multiple Adobe Product security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=62353

Trust: 0.6

title:CVE-Studyurl:https://github.com/thdusdl1219/CVE-Study

Trust: 0.1

sources: VULMON: CVE-2016-4163 // JVNDB: JVNDB-2016-003279 // CNNVD: CNNVD-201606-424

EXTERNAL IDS

db:NVDid:CVE-2016-4163

Trust: 3.0

db:BIDid:90618

Trust: 2.1

db:JVNDBid:JVNDB-2016-003279

Trust: 0.8

db:CNNVDid:CNNVD-201606-424

Trust: 0.7

db:VULHUBid:VHN-92982

Trust: 0.1

db:VULMONid:CVE-2016-4163

Trust: 0.1

db:PACKETSTORMid:137537

Trust: 0.1

sources: VULHUB: VHN-92982 // VULMON: CVE-2016-4163 // BID: 90618 // JVNDB: JVNDB-2016-003279 // PACKETSTORM: 137537 // CNNVD: CNNVD-201606-424 // NVD: CVE-2016-4163

REFERENCES

url:https://security.gentoo.org/glsa/201606-08

Trust: 1.9

url:http://www.securityfocus.com/bid/90618

Trust: 1.8

url:https://helpx.adobe.com/security/products/flash-player/apsb16-15.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-1079.html

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4163

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20160511-adobeflashplayer.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2016/at160024.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4163

Trust: 0.8

url:http://www.npa.go.jp/cyberpolice/topics/?seq=18389

Trust: 0.8

url:http://www.adobe.com

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/thdusdl1219/cve-study

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4163

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4117

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4120

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4162

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4117

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4121

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4121

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1019

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4161

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4171

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4120

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4171

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4161

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1019

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4162

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4163

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

sources: VULHUB: VHN-92982 // VULMON: CVE-2016-4163 // BID: 90618 // JVNDB: JVNDB-2016-003279 // PACKETSTORM: 137537 // CNNVD: CNNVD-201606-424 // NVD: CVE-2016-4163

CREDITS

Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, Wen Guanxing from Pangu LAB and willJ of Tencent PC Manager.

Trust: 0.3

sources: BID: 90618

SOURCES

db:VULHUBid:VHN-92982
db:VULMONid:CVE-2016-4163
db:BIDid:90618
db:JVNDBid:JVNDB-2016-003279
db:PACKETSTORMid:137537
db:CNNVDid:CNNVD-201606-424
db:NVDid:CVE-2016-4163

LAST UPDATE DATE

2024-08-14T13:32:19.205000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-92982date:2022-12-14T00:00:00
db:VULMONid:CVE-2016-4163date:2022-12-14T00:00:00
db:BIDid:90618date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2016-003279date:2016-06-21T00:00:00
db:CNNVDid:CNNVD-201606-424date:2022-12-16T00:00:00
db:NVDid:CVE-2016-4163date:2022-12-14T17:28:22.343

SOURCES RELEASE DATE

db:VULHUBid:VHN-92982date:2016-06-16T00:00:00
db:VULMONid:CVE-2016-4163date:2016-06-16T00:00:00
db:BIDid:90618date:2016-05-12T00:00:00
db:JVNDBid:JVNDB-2016-003279date:2016-06-21T00:00:00
db:PACKETSTORMid:137537date:2016-06-18T13:14:00
db:CNNVDid:CNNVD-201606-424date:2016-06-17T00:00:00
db:NVDid:CVE-2016-4163date:2016-06-16T14:59:46.250