CVE-2016-4138

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
OR cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*

History

19 Nov 2021, 11:23

Type Values Removed Values Added
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/40090/ - (EXPLOIT-DB) https://www.exploit-db.com/exploits/40090/ - Exploit, Third Party Advisory, VDB Entry
References (CONFIRM) https://helpx.adobe.com/security/products/flash-player/apsb16-18.html - Patch, Vendor Advisory (CONFIRM) https://helpx.adobe.com/security/products/flash-player/apsb16-18.html - Vendor Advisory
References (MS) https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 - (MS) https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 - Patch, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html - Broken Link, Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1036117 - (SECTRACK) http://www.securitytracker.com/id/1036117 - Third Party Advisory, VDB Entry
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html - Broken Link, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html - Broken Link, Third Party Advisory
CPE cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*
cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

22 Sep 2021, 14:23

Type Values Removed Values Added
CPE cpe:2.3:o:apple:mac_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Information

Published : 2016-06-16 14:59

Updated : 2023-12-10 11:46


NVD link : CVE-2016-4138

Mitre link : CVE-2016-4138

CVE.ORG link : CVE-2016-4138


JSON object : View

Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_desktop
  • enterprise_linux_workstation

opensuse

  • opensuse

suse

  • linux_enterprise_desktop
  • linux_enterprise_workstation_extension

adobe

  • flash_player_desktop_runtime
  • flash_player

microsoft

  • windows_rt_8.1
  • windows_server_2012
  • windows
  • windows_10
  • windows_8.1

apple

  • macos

linux

  • linux_kernel

google

  • chrome_os