CVE-2016-4150

high-risk
Published 2016-06-16

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Do I need to act?

~
5.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (18)

Affected Vendors

Suse Adobe Redhat Opensuse

References (14)

Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
Broken Link http://www.securitytracker.com/id/1036117
Third Party Advisory https://access.redhat.com/errata/RHSA-2016:1238
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-08...
Patch https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
Broken Link http://www.securitytracker.com/id/1036117
Third Party Advisory https://access.redhat.com/errata/RHSA-2016:1238
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-08...
Patch https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
58
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 9/34 · Low
Exposure 19/34 · Moderate