Vulnerability CVE-2016-1019: Information

Description

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-1019

Published: April 7, 2016

Modified: Nov. 10, 2022

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
adobe-flash-player	p9	11-alt61	32-alt1110	ALT-PU-2016-1305-1	162673	Fixed
adobe-flash-player	c9f2	11-alt61	32-alt117	ALT-PU-2016-1305-1	162673	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html	Vendor Advisory
http://blogs.adobe.com/psirt/?p=1330	Broken Link Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html	Vendor Advisory
GLSA-201606-08	Third Party Advisory
RHSA-2016:0610	Third Party Advisory
SUSE-SU-2016:1305	Broken Link
openSUSE-SU-2016:1306	Broken Link
openSUSE-SU-2016:1157	Broken Link
SUSE-SU-2016:0990	Broken Link
openSUSE-SU-2016:0997	Broken Link
1035491	Broken Link Third Party Advisory VDB Entry
openSUSE-SU-2016:0987	Broken Link
https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html	Broken Link
85856	Broken Link Third Party Advisory VDB Entry
MS16-050	Patch Third Party Advisory Vendor Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  
  Configuration 5
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  
  Configuration 6
  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  
  Configuration 7
  cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 8
  cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  
  Configuration 9
  cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Version: v24.4.2

Vulnerability CVE-2016-1019: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Configuration 7

Configuration 8

Configuration 9