First published: Wed May 11 2016(Updated: )
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
Credit: psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Flash Player for Internet Explorer 11 | ||
macOS Yosemite | ||
Google Chrome OS | ||
Linux Kernel | ||
Microsoft Windows | ||
Adobe Flash Player for Internet Explorer 11 | <=21.0.0.226 | |
redhat enterprise Linux desktop | =5.0 | |
redhat enterprise Linux desktop | =6.0 | |
redhat enterprise Linux server | =5.0 | |
redhat enterprise Linux server | =6.0 | |
Red Hat Enterprise Linux Server Supplementary EUS | =5.0 | |
Red Hat Enterprise Linux Server Supplementary EUS | =6.0 | |
redhat enterprise Linux workstation | =5.0 | |
redhat enterprise Linux workstation | =6.0 | |
openSUSE Evergreen | =11.4 | |
openSUSE | =13.1 | |
openSUSE | =13.2 | |
SUSE Linux Enterprise Desktop with Beagle | =12 | |
SUSE Linux Enterprise Desktop with Beagle | =12-sp1 | |
SUSE Linux Enterprise Workstation Extension | =12 | |
SUSE Linux Enterprise Workstation Extension | =12-sp1 | |
<=21.0.0.226 | ||
=5.0 | ||
=6.0 | ||
=5.0 | ||
=6.0 | ||
=5.0 | ||
=6.0 | ||
=5.0 | ||
=6.0 | ||
=11.4 | ||
=13.1 | ||
=13.2 | ||
=12 | ||
=12-sp1 | ||
=12 | ||
=12-sp1 |
The impacted product is end-of-life and should be disconnected if still in use.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-4117 is considered a critical vulnerability due to its potential for remote code execution.
To fix CVE-2016-4117, update Adobe Flash Player to version 21.0.0.227 or later.
CVE-2016-4117 affects users of Adobe Flash Player 21.0.0.226 and earlier versions on various platforms.
CVE-2016-4117 can be exploited by remote attackers through unspecified vectors to execute arbitrary code.
CVE-2016-4117 was actively exploited in the wild starting in May 2016.