Vulnerability-Lookup

CVE-2016-0984 (GCVE-0-2016-0984)

Vulnerability from cvelistv5 – Published: 2016-02-10 20:00 – Updated: 2025-10-21 23:55

CISA KEV

Summary

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

adobe

References

9 references

URL	Tags
https://www.exploit-db.com/exploits/39462/	exploitx_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.securitytracker.com/id/1034970	vdb-entryx_refsource_SECTRACK
https://security.gentoo.org/glsa/201603-07	vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2016-0166.html	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://helpx.adobe.com/security/products/flash-p…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Date Public

2016-02-09 00:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 6fc7225e-d6ea-4211-8e7c-01d2f29dfafa

Vulnerability ID: CVE-2016-0984

Status: Confirmed

Status Updated: 2022-05-25 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-05-25

Asserted: 2022-05-25

Scope

Notes: KEV entry: Adobe Flash Player and AIR Use-After-Free Vulnerability | Affected: Adobe / Flash Player and AIR | Description: Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code. | Required action: The impacted products are end-of-life and should be disconnected if still in use. | Due date: 2022-06-15 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2016-0984

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-416
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Flash Player and AIR
Due Date	2022-06-15
Date Added	2022-05-25
Vendorproject	Adobe
Vulnerabilityname	Adobe Flash Player and AIR Use-After-Free Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2016-0984

Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:38:41.435Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39462",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39462/"
          },
          {
            "name": "SUSE-SU-2016:0400",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
          },
          {
            "name": "1034970",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034970"
          },
          {
            "name": "GLSA-201603-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-07"
          },
          {
            "name": "RHSA-2016:0166",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
          },
          {
            "name": "openSUSE-SU-2016:0415",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
          },
          {
            "name": "openSUSE-SU-2016:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
          },
          {
            "name": "SUSE-SU-2016:0398",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2016-0984",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T21:36:47.227840Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-05-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:55.589Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-05-25T00:00:00.000Z",
            "value": "CVE-2016-0984 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-09T09:57:01.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "39462",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39462/"
        },
        {
          "name": "SUSE-SU-2016:0400",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
        },
        {
          "name": "1034970",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034970"
        },
        {
          "name": "GLSA-201603-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-07"
        },
        {
          "name": "RHSA-2016:0166",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
        },
        {
          "name": "openSUSE-SU-2016:0415",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
        },
        {
          "name": "openSUSE-SU-2016:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
        },
        {
          "name": "SUSE-SU-2016:0398",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2016-0984",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "39462",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39462/"
            },
            {
              "name": "SUSE-SU-2016:0400",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
            },
            {
              "name": "1034970",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034970"
            },
            {
              "name": "GLSA-201603-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-07"
            },
            {
              "name": "RHSA-2016:0166",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
            },
            {
              "name": "openSUSE-SU-2016:0415",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
            },
            {
              "name": "openSUSE-SU-2016:0412",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
            },
            {
              "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
              "refsource": "CONFIRM",
              "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
            },
            {
              "name": "SUSE-SU-2016:0398",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2016-0984",
    "datePublished": "2016-02-10T20:00:00.000Z",
    "dateReserved": "2015-12-22T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:55.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2016-0984",
      "cwes": "[\"CWE-416\"]",
      "dateAdded": "2022-05-25",
      "dueDate": "2022-06-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-0984",
      "product": "Flash Player and AIR",
      "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.",
      "shortDescription": "Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.",
      "vendorProject": "Adobe",
      "vulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability"
    },
    "epss": {
      "cve": "CVE-2016-0984",
      "date": "2026-05-28",
      "epss": "0.67345",
      "percentile": "0.98583"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-06-15",
      "cisaExploitAdd": "2022-05-25",
      "cisaRequiredAction": "The impacted products are end-of-life and should be disconnected if still in use.",
      "cisaVulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.2.202.559\", \"matchCriteriaId\": \"9C8C62C1-327A-4D04-A51C-0614DB4F5493\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20.0.0.286\", \"matchCriteriaId\": \"BAFA5674-4EBC-4587-87C6-22A522B487C6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*\", \"versionEndIncluding\": \"18.0.0.326\", \"matchCriteriaId\": \"002CFEA6-D147-44B4-90FC-0D3C68D96082\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21540673-614A-4D40-8BD7-3F07723803B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*\", \"versionEndIncluding\": \"20.0.0.272\", \"matchCriteriaId\": \"F40FBAAB-92FC-45AF-B656-E87ECC4C4816\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*\", \"versionEndIncluding\": \"20.0.0.286\", \"matchCriteriaId\": \"686929A4-EB67-47B6-87EC-453BCD13FE20\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21540673-614A-4D40-8BD7-3F07723803B0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*\", \"versionEndIncluding\": \"20.0.0.272\", \"matchCriteriaId\": \"E823E5FE-7367-41DE-8CD7-842C5C2F53CE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20.0.0.233\", \"matchCriteriaId\": \"18BA497D-0C1D-451E-B54F-4028FD9B9F3B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20.0.0.233\", \"matchCriteriaId\": \"F09C5C9A-0493-4601-84AE-3A9C5985231D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5415705-33E5-46D5-8E4D-9EBADC8C5705\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:air_sdk_\\\\\u0026_compiler:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20.0.0.233\", \"matchCriteriaId\": \"00D08966-361A-430D-9B39-ED143404EBF6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5415705-33E5-46D5-8E4D-9EBADC8C5705\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de uso despu\\u00e9s de liberaci\\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982 y CVE-2016-0983.\"}]",
      "id": "CVE-2016-0984",
      "lastModified": "2024-11-21T02:42:46.840",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-02-10T20:59:32.563",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0166.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034970\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201603-07\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/39462/\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0166.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034970\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201603-07\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/39462/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Undergoing Analysis",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-0984\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2016-02-10T20:59:32.563\",\"lastModified\":\"2026-04-22T13:01:44.313\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982 y CVE-2016-0983.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-05-25\",\"cisaActionDue\":\"2022-06-15\",\"cisaRequiredAction\":\"The impacted products are end-of-life and should be disconnected if still in use.\",\"cisaVulnerabilityName\":\"Adobe Flash Player and AIR Use-After-Free Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*\",\"versionEndIncluding\":\"20.0.0.272\",\"matchCriteriaId\":\"F40FBAAB-92FC-45AF-B656-E87ECC4C4816\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*\",\"versionEndIncluding\":\"20.0.0.272\",\"matchCriteriaId\":\"E823E5FE-7367-41DE-8CD7-842C5C2F53CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.2.202.559\",\"matchCriteriaId\":\"9C8C62C1-327A-4D04-A51C-0614DB4F5493\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.0.0.286\",\"matchCriteriaId\":\"BAFA5674-4EBC-4587-87C6-22A522B487C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*\",\"versionEndIncluding\":\"18.0.0.326\",\"matchCriteriaId\":\"002CFEA6-D147-44B4-90FC-0D3C68D96082\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*\",\"versionEndIncluding\":\"20.0.0.286\",\"matchCriteriaId\":\"686929A4-EB67-47B6-87EC-453BCD13FE20\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.0.0.233\",\"matchCriteriaId\":\"18BA497D-0C1D-451E-B54F-4028FD9B9F3B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.0.0.233\",\"matchCriteriaId\":\"F09C5C9A-0493-4601-84AE-3A9C5985231D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5415705-33E5-46D5-8E4D-9EBADC8C5705\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air_sdk_\\\\\u0026_compiler:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.0.0.233\",\"matchCriteriaId\":\"00D08966-361A-430D-9B39-ED143404EBF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5415705-33E5-46D5-8E4D-9EBADC8C5705\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0166.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034970\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201603-07\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/39462/\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0166.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034970\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201603-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/39462/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/39462/\", \"name\": \"39462\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\", \"name\": \"SUSE-SU-2016:0400\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1034970\", \"name\": \"1034970\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201603-07\", \"name\": \"GLSA-201603-07\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0166.html\", \"name\": \"RHSA-2016:0166\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\", \"name\": \"openSUSE-SU-2016:0415\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\", \"name\": \"openSUSE-SU-2016:0412\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\", \"name\": \"SUSE-SU-2016:0398\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T22:38:41.435Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-0984\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T21:36:47.227840Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-05-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-05-25T00:00:00.000Z\", \"value\": \"CVE-2016-0984 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T21:36:54.587Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-02-09T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/39462/\", \"name\": \"39462\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\", \"name\": \"SUSE-SU-2016:0400\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.securitytracker.com/id/1034970\", \"name\": \"1034970\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://security.gentoo.org/glsa/201603-07\", \"name\": \"GLSA-201603-07\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0166.html\", \"name\": \"RHSA-2016:0166\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\", \"name\": \"openSUSE-SU-2016:0415\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\", \"name\": \"openSUSE-SU-2016:0412\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\", \"name\": \"SUSE-SU-2016:0398\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"shortName\": \"adobe\", \"dateUpdated\": \"2017-09-09T09:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.exploit-db.com/exploits/39462/\", \"name\": \"39462\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html\", \"name\": \"SUSE-SU-2016:0400\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.securitytracker.com/id/1034970\", \"name\": \"1034970\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://security.gentoo.org/glsa/201603-07\", \"name\": \"GLSA-201603-07\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0166.html\", \"name\": \"RHSA-2016:0166\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html\", \"name\": \"openSUSE-SU-2016:0415\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html\", \"name\": \"openSUSE-SU-2016:0412\", \"refsource\": \"SUSE\"}, {\"url\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"name\": \"https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html\", \"name\": \"SUSE-SU-2016:0398\", \"refsource\": \"SUSE\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-0984\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@adobe.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2016-0984\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:55.589Z\", \"dateReserved\": \"2015-12-22T00:00:00.000Z\", \"assignerOrgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"datePublished\": \"2016-02-10T20:00:00.000Z\", \"assignerShortName\": \"adobe\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2016-AVI-054

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	N/A	Adobe Bridge CC versions antérieures à 6.2 pour Windows et Macintosh
Adobe	N/A	Adobe Connect versions antérieures à 9.5.2 pour Windows
Adobe	N/A	Adobe Flash Player ESR versions antérieures à 18.0.0.329 pour Windows et Macintosh
Adobe	N/A	Adobe Photoshop CC 2014 versions antérieures à 15.2.4 (2014.2.4) pour Windows et Macintosh
Adobe	N/A	Adobe Flash Player versions antérieures à 11.2.202.569 pour Linux
Adobe	N/A	AIR SDK versions antérieures à 20.0.0.260 pour Windows, Macintosh, Android et iOS
Adobe	N/A	Adobe Flash Player versions antérieures à 20.0.0.306 pour Windows et Macintosh
Adobe	N/A	Adobe Photoshop CC 2015 versions antérieures à 16.1.2 (2015.1.2) pour Windows et Macintosh
Adobe	N/A	AIR SDK & Compiler versions antérieures à 20.0.0.260 pour Windows, Macintosh, Android et iOS
Adobe	N/A	Adobe Experience Manager versions 6.1.0, 6.0.0, et 5.6.1 pour Windows, Unix, Linux et OS X

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-05 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-07 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-03 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Bridge CC versions ant\u00e9rieures \u00e0 6.2 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Connect versions ant\u00e9rieures \u00e0 9.5.2 pour Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player ESR versions ant\u00e9rieures \u00e0 18.0.0.329 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Photoshop CC 2014 versions ant\u00e9rieures \u00e0 15.2.4 (2014.2.4) pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 11.2.202.569 pour Linux",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "AIR SDK versions ant\u00e9rieures \u00e0 20.0.0.260 pour Windows, Macintosh, Android et iOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 20.0.0.306 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Photoshop CC 2015 versions ant\u00e9rieures \u00e0 16.1.2 (2015.1.2) pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "AIR SDK \u0026 Compiler versions ant\u00e9rieures \u00e0 20.0.0.260 pour Windows, Macintosh, Android et iOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Experience Manager versions 6.1.0, 6.0.0, et 5.6.1 pour Windows, Unix, Linux et OS X",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0948"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0957"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0958"
    },
    {
      "name": "CVE-2016-0956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0956"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0952"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0955"
    },
    {
      "name": "CVE-2016-0950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0950"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0953"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0949"
    },
    {
      "name": "CVE-2016-0951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0951"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-054",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Adobe\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-05 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-07 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/connect/apsb16-07.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-03 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/photoshop/apsb16-03.html"
    }
  ]
}

CERTFR-2016-AVI-055

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Internet Explorer. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 8.1
Microsoft	Windows	Microsoft Internet Explorer 10 pour Windows Server 2012
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 10
Microsoft	Windows	Microsoft Internet Explorer 9 pour Windows Vista SP2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows RT 8.1
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows Server 2008 R2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows Server 2012 R2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 7 SP1
Microsoft	Windows	Adobe Flash Player pour Windows Internet Explorer 10 et 11 sur Windows 8.1 et 10, Windows Server 2012 et 2012 R2, et Windows RT 8.1
Microsoft	Windows	Microsoft Internet Explorer 9 pour Windows Server 2008 SP2

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-022 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-009 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 10 pour Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 9 pour Windows Vista SP2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 7 SP1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Windows Internet Explorer 10 et 11 sur Windows 8.1 et 10, Windows Server 2012 et 2012 R2, et Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 9 pour Windows Server 2008 SP2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0068"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0063"
    },
    {
      "name": "CVE-2016-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0062"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0077"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0041"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0061"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0060"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0059"
    },
    {
      "name": "CVE-2016-0067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0067"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0072"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0071"
    },
    {
      "name": "CVE-2016-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0064"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0069"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-055",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Internet Explorer\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-022 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-022"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-009 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-009"
    }
  ]
}

CERTFR-2016-AVI-056

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Edge. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge pour Windows 10
	Microsoft	Edge	Adobe Flash Player versions antérieures à 20.0.0.306 pour Microsoft Edge sur Windows 10

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-022 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-011 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge pour Windows 10",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 20.0.0.306 pour Microsoft Edge sur Windows 10",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0062"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0077"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0061"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0060"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0080"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0084"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-056",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Edge\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-022 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-022"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-011 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-011"
    }
  ]
}

CERTFR-2016-AVI-054

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	N/A	Adobe Bridge CC versions antérieures à 6.2 pour Windows et Macintosh
Adobe	N/A	Adobe Connect versions antérieures à 9.5.2 pour Windows
Adobe	N/A	Adobe Flash Player ESR versions antérieures à 18.0.0.329 pour Windows et Macintosh
Adobe	N/A	Adobe Photoshop CC 2014 versions antérieures à 15.2.4 (2014.2.4) pour Windows et Macintosh
Adobe	N/A	Adobe Flash Player versions antérieures à 11.2.202.569 pour Linux
Adobe	N/A	AIR SDK versions antérieures à 20.0.0.260 pour Windows, Macintosh, Android et iOS
Adobe	N/A	Adobe Flash Player versions antérieures à 20.0.0.306 pour Windows et Macintosh
Adobe	N/A	Adobe Photoshop CC 2015 versions antérieures à 16.1.2 (2015.1.2) pour Windows et Macintosh
Adobe	N/A	AIR SDK & Compiler versions antérieures à 20.0.0.260 pour Windows, Macintosh, Android et iOS
Adobe	N/A	Adobe Experience Manager versions 6.1.0, 6.0.0, et 5.6.1 pour Windows, Unix, Linux et OS X

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-05 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-07 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Adobe APSB16-03 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Bridge CC versions ant\u00e9rieures \u00e0 6.2 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Connect versions ant\u00e9rieures \u00e0 9.5.2 pour Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player ESR versions ant\u00e9rieures \u00e0 18.0.0.329 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Photoshop CC 2014 versions ant\u00e9rieures \u00e0 15.2.4 (2014.2.4) pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 11.2.202.569 pour Linux",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "AIR SDK versions ant\u00e9rieures \u00e0 20.0.0.260 pour Windows, Macintosh, Android et iOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 20.0.0.306 pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Photoshop CC 2015 versions ant\u00e9rieures \u00e0 16.1.2 (2015.1.2) pour Windows et Macintosh",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "AIR SDK \u0026 Compiler versions ant\u00e9rieures \u00e0 20.0.0.260 pour Windows, Macintosh, Android et iOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Experience Manager versions 6.1.0, 6.0.0, et 5.6.1 pour Windows, Unix, Linux et OS X",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0948"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0957"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0958"
    },
    {
      "name": "CVE-2016-0956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0956"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0952"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0955"
    },
    {
      "name": "CVE-2016-0950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0950"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0953"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0949"
    },
    {
      "name": "CVE-2016-0951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0951"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-054",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Adobe\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-05 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-07 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/connect/apsb16-07.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-03 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/photoshop/apsb16-03.html"
    }
  ]
}

CERTFR-2016-AVI-055

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 8.1
Microsoft	Windows	Microsoft Internet Explorer 10 pour Windows Server 2012
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 10
Microsoft	Windows	Microsoft Internet Explorer 9 pour Windows Vista SP2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows RT 8.1
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows Server 2008 R2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows Server 2012 R2
Microsoft	Windows	Microsoft Internet Explorer 11 pour Windows 7 SP1
Microsoft	Windows	Adobe Flash Player pour Windows Internet Explorer 10 et 11 sur Windows 8.1 et 10, Windows Server 2012 et 2012 R2, et Windows RT 8.1
Microsoft	Windows	Microsoft Internet Explorer 9 pour Windows Server 2008 SP2

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-022 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-009 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 10 pour Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 9 pour Windows Vista SP2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 11 pour Windows 7 SP1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player pour Windows Internet Explorer 10 et 11 sur Windows 8.1 et 10, Windows Server 2012 et 2012 R2, et Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 9 pour Windows Server 2008 SP2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0068"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0063"
    },
    {
      "name": "CVE-2016-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0062"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0077"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0041"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0061"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0060"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0059"
    },
    {
      "name": "CVE-2016-0067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0067"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0072"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0071"
    },
    {
      "name": "CVE-2016-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0064"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0069"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-055",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Internet Explorer\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-022 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-022"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-009 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-009"
    }
  ]
}

CERTFR-2016-AVI-056

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge pour Windows 10
	Microsoft	Edge	Adobe Flash Player versions antérieures à 20.0.0.306 pour Microsoft Edge sur Windows 10

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-04 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-022 du 09 février 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-011 du 09 février 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge pour Windows 10",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player versions ant\u00e9rieures \u00e0 20.0.0.306 pour Microsoft Edge sur Windows 10",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0972"
    },
    {
      "name": "CVE-2016-0974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0974"
    },
    {
      "name": "CVE-2016-0965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0965"
    },
    {
      "name": "CVE-2016-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0981"
    },
    {
      "name": "CVE-2016-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0985"
    },
    {
      "name": "CVE-2016-0984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0984"
    },
    {
      "name": "CVE-2016-0967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0967"
    },
    {
      "name": "CVE-2016-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0062"
    },
    {
      "name": "CVE-2016-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0973"
    },
    {
      "name": "CVE-2016-0968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0968"
    },
    {
      "name": "CVE-2016-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0077"
    },
    {
      "name": "CVE-2016-0978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0978"
    },
    {
      "name": "CVE-2016-0977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0977"
    },
    {
      "name": "CVE-2016-0964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0964"
    },
    {
      "name": "CVE-2016-0976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0976"
    },
    {
      "name": "CVE-2016-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0061"
    },
    {
      "name": "CVE-2016-0971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0971"
    },
    {
      "name": "CVE-2016-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0060"
    },
    {
      "name": "CVE-2016-0975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0975"
    },
    {
      "name": "CVE-2016-0982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0982"
    },
    {
      "name": "CVE-2016-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0983"
    },
    {
      "name": "CVE-2016-0969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0969"
    },
    {
      "name": "CVE-2016-0966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0966"
    },
    {
      "name": "CVE-2016-0080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0080"
    },
    {
      "name": "CVE-2016-0980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0980"
    },
    {
      "name": "CVE-2016-0979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0979"
    },
    {
      "name": "CVE-2016-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0084"
    },
    {
      "name": "CVE-2016-0970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0970"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-056",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Edge\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-04 du 09 f\u00e9vrier 2016",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-022 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-022"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-011 du 09 f\u00e9vrier 2016",
      "url": "https://technet.microsoft.com/en-us/library/security/ms16-011"
    }
  ]
}

BDU:2016-00457

Vulnerability from fstec - Published: 10.02.2016

Title

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player связана с использованием памяти после её освобождения. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код

Severity

Vendor

Adobe Systems Inc.

Software Name

Adobe Integrated Runtime, Flash Player

Software Version

до 20.0.0.260 (Adobe Integrated Runtime), до 18.0.0.329 (Flash Player), от 19.0 до 20.0.0.306 (Flash Player), до 11.2.202.569 (Flash Player)

Possible Mitigations

Обновление программного обеспечения Adobe Integrated Runtime до версии 20.0.0.260, обновление программного обеспечения Flash Player до версии 20.0.0.306 под управлением операционных систем Windows и Mac OS X, обновление программного обеспечения Flash Player до версии 11.2.202.569 под управлением операционной системы Linux

Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-04.html https://www.exploit-db.com/exploits/39462/

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Adobe Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 20.0.0.260 (Adobe Integrated Runtime), \u0434\u043e 18.0.0.329 (Flash Player), \u043e\u0442 19.0 \u0434\u043e 20.0.0.306 (Flash Player), \u0434\u043e 11.2.202.569 (Flash Player)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Adobe Integrated Runtime \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 20.0.0.260, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Flash Player \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 20.0.0.306 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0438 Mac OS X, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Flash Player \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 11.2.202.569 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.02.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "02.03.2016",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-00457",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-0984",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Adobe Integrated Runtime, Flash Player",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Apple Inc. MacOS X 32-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . PowerPC, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, Apple Inc. MacOS X 64-bit, Apple Inc. MacOS X PowerPC, Google Inc Android . 64-bit, Google Inc Android . 32-bit, Google Inc Android . ARM, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . ARM, Microsoft Corp Windows - ARM, BlackBerry Limited Tablet OS . ARM, Apple Inc. iOS . PowerPC, Apple Inc. MacOS X ARM, Apple Inc. iOS . ARM",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c Adobe Integrated Runtime \u0438 Flash Player, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c Adobe Integrated Runtime \u0438 Flash Player \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html\nhttps://www.exploit-db.com/exploits/39462/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}

CNVD-2016-01075

Vulnerability from cnvd - Published: 2016-02-17

Title

Adobe Flash Player& Compiler内存错误引用漏洞（CNVD-2016-01075）

Description

Adobe Flash Player& Compiler是美国奥多比（Adobe）公司的一个集成的多媒体播放器，短小精悍，能够在各种浏览器、操作系统和移动设备上使用。多款Adobe产品中存在内存错误引用漏洞。攻击者可利用该漏洞执行任意代码。

Severity

高

Patch Name

Adobe Flash Player& Compiler内存错误引用漏洞（CNVD-2016-01075）的补丁

Patch Description

Adobe Flash Player& Compiler是美国奥多比（Adobe）公司的一个集成的多媒体播放器，短小精悍，能够在各种浏览器、操作系统和移动设备上使用。多款Adobe产品中存在内存错误引用漏洞。攻击者可利用该漏洞执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： https://helpx.adobe.com/security/products/flash-player/apsb16-04.html

Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-04.html

Impacted products

Name
['Adobe Flash Player(on Windows/OS X) \r\n19.x', 'Adobe Flash Player < 18.0.0.329', 'Adobe Flash Player(on Windows/OS X) 20.x(<20.0.0.306)', 'Adobe AIR SDK & Compiler < 20.0.0.260', 'Adobe AIR SDK < 20.0.0.260', 'Adobe AIR < 20.0.0.260']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-0984"
    }
  },
  "description": "Adobe Flash Player\u0026 Compiler\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u96c6\u6210\u7684\u591a\u5a92\u4f53\u64ad\u653e\u5668\uff0c\u77ed\u5c0f\u7cbe\u608d\uff0c\u80fd\u591f\u5728\u5404\u79cd\u6d4f\u89c8\u5668\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u79fb\u52a8\u8bbe\u5907\u4e0a\u4f7f\u7528\u3002\r\n\r\n\u591a\u6b3eAdobe\u4ea7\u54c1\u4e2d\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Natalie Silvanovich of Google Project Zero",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-01075",
  "openTime": "2016-02-17",
  "patchDescription": "Adobe Flash Player\u0026 Compiler\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u96c6\u6210\u7684\u591a\u5a92\u4f53\u64ad\u653e\u5668\uff0c\u77ed\u5c0f\u7cbe\u608d\uff0c\u80fd\u591f\u5728\u5404\u79cd\u6d4f\u89c8\u5668\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u79fb\u52a8\u8bbe\u5907\u4e0a\u4f7f\u7528\u3002\r\n\r\n\u591a\u6b3eAdobe\u4ea7\u54c1\u4e2d\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe Flash Player\u0026 Compiler\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2016-01075\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Adobe Flash Player(on Windows/OS X) \r\n19.x",
      "Adobe Flash Player \u003c 18.0.0.329",
      "Adobe Flash Player(on Windows/OS X) 20.x(\u003c20.0.0.306)",
      "Adobe AIR SDK \u0026 Compiler \u003c 20.0.0.260",
      "Adobe AIR SDK \u003c 20.0.0.260",
      "Adobe AIR \u003c 20.0.0.260"
    ]
  },
  "referenceLink": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
  "serverity": "\u9ad8",
  "submitTime": "2016-02-11",
  "title": "Adobe Flash Player\u0026 Compiler\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2016-01075\uff09"
}

FKIE_CVE-2016-0984

Vulnerability from fkie_nvd - Published: 2016-02-10 20:59 - Updated: 2026-04-22 13:01

CISA KEV

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html	Broken Link, Third Party Advisory
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html	Broken Link, Third Party Advisory
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html	Broken Link, Third Party Advisory
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html	Broken Link, Third Party Advisory
psirt@adobe.com	http://rhn.redhat.com/errata/RHSA-2016-0166.html	Third Party Advisory
psirt@adobe.com	http://www.securitytracker.com/id/1034970	Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com	https://helpx.adobe.com/security/products/flash-player/apsb16-04.html	Patch, Vendor Advisory
psirt@adobe.com	https://security.gentoo.org/glsa/201603-07	Third Party Advisory
psirt@adobe.com	https://www.exploit-db.com/exploits/39462/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-0166.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034970	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://helpx.adobe.com/security/products/flash-player/apsb16-04.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201603-07	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/39462/	Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984	US Government Resource

Impacted products

Vendor	Product	Version
adobe	flash_player	*
microsoft	windows	-
adobe	flash_player	*
microsoft	windows	-
adobe	flash_player	*
linux	linux_kernel	-
adobe	flash_player_desktop_runtime	*
apple	mac_os_x	-
microsoft	windows	-
adobe	flash_player	*
apple	mac_os_x	-
microsoft	windows	-
adobe	flash_player	*
apple	mac_os_x	-
google	chrome_os	-
linux	linux_kernel	-
microsoft	windows	-
adobe	air_desktop_runtime	*
apple	mac_os_x	-
microsoft	windows	-
adobe	air_sdk	*
apple	iphone_os	-
apple	mac_os_x	-
google	android	-
microsoft	windows	-
adobe	air_sdk_\&_compiler	*
apple	iphone_os	-
apple	mac_os_x	-
google	android	-
microsoft	windows	-

JSON

To clipboard

{
  "cisaActionDue": "2022-06-15",
  "cisaExploitAdd": "2022-05-25",
  "cisaRequiredAction": "The impacted products are end-of-life and should be disconnected if still in use.",
  "cisaVulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
              "matchCriteriaId": "F40FBAAB-92FC-45AF-B656-E87ECC4C4816",
              "versionEndIncluding": "20.0.0.272",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
              "matchCriteriaId": "E823E5FE-7367-41DE-8CD7-842C5C2F53CE",
              "versionEndIncluding": "20.0.0.272",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8C62C1-327A-4D04-A51C-0614DB4F5493",
              "versionEndIncluding": "11.2.202.559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAFA5674-4EBC-4587-87C6-22A522B487C6",
              "versionEndIncluding": "20.0.0.286",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "002CFEA6-D147-44B4-90FC-0D3C68D96082",
              "versionEndIncluding": "18.0.0.326",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
              "matchCriteriaId": "686929A4-EB67-47B6-87EC-453BCD13FE20",
              "versionEndIncluding": "20.0.0.286",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA497D-0C1D-451E-B54F-4028FD9B9F3B",
              "versionEndIncluding": "20.0.0.233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F09C5C9A-0493-4601-84AE-3A9C5985231D",
              "versionEndIncluding": "20.0.0.233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D08966-361A-430D-9B39-ED143404EBF6",
              "versionEndIncluding": "20.0.0.233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.329 y 19.x y 20.x en versiones anteriores a 20.0.0.306 en Windows y OS X y en versiones anteriores a 11.2.202.569 en Linux, Adobe AIR en versiones anteriores a 20.0.0.260, Adobe AIR SDK en versiones anteriores a 20.0.0.260 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.260 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982 y CVE-2016-0983."
    }
  ],
  "id": "CVE-2016-0984",
  "lastModified": "2026-04-22T13:01:44.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2016-02-10T20:59:32.563",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034970"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201603-07"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39462/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201603-07"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39462/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-WG97-QRH5-P5PR

Vulnerability from github – Published: 2022-05-17 01:08 – Updated: 2025-10-22 00:31

Details

Severity

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-0984"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-02-10T20:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.",
  "id": "GHSA-wg97-qrh5-p5pr",
  "modified": "2025-10-22T00:31:12Z",
  "published": "2022-05-17T01:08:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0984"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201603-07"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0984"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/39462"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034970"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-0984 (GCVE-0-2016-0984)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature