CVE-2016-4137
First published: Thu Jun 16 2016(Updated: )
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat enterprise Linux desktop | =5.0 | |
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux server | =5.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux workstation | =5.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| Adobe Acrobat Reader | <=21.0.0.242 | |
| Adobe Flash Player | <=21.0.0.242 | |
| Apple iOS and macOS | ||
| Chrome OS | ||
| Linux Kernel | ||
| Microsoft Windows | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 8.1 | ||
| Adobe Acrobat Reader | <=21.0.0.242 | |
| Adobe Acrobat Reader | <=21.0.0.242 | |
| Adobe Acrobat Reader | <=11.2.202.621 | |
| Adobe Acrobat Reader | <=18.0.0.352 | |
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| SUSE Linux Enterprise Desktop with Beagle | =12 | |
| SUSE Linux Enterprise Desktop with Beagle | =12-sp1 | |
| SUSE Linux Enterprise Workstation Extension | =12 | |
| SUSE Linux Enterprise Workstation Extension | =12-sp1 | |
| Adobe Acrobat Reader | ||
| Microsoft Windows 10 | =1511 | |
| Microsoft Windows RT | ||
| Microsoft Windows Server 2012 x64 | ||
| Microsoft Windows Server 2012 x64 | =r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html
- http://www.securitytracker.com/id/1036117
- https://access.redhat.com/errata/RHSA-2016:1238
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083
- https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
- https://www.exploit-db.com/exploits/40089/
Frequently Asked Questions
What is the severity of CVE-2016-4137?
The severity of CVE-2016-4137 is currently unknown due to unspecified impact and attack vectors.
How do I fix CVE-2016-4137?
To fix CVE-2016-4137, users should update to the latest version of Adobe Flash Player or apply any vendor-specific patches.
Which versions of Adobe Flash Player are affected by CVE-2016-4137?
CVE-2016-4137 affects Adobe Flash Player 21.0.0.242 and earlier versions.
Is CVE-2016-4137 specific to certain operating systems?
CVE-2016-4137 affects specific versions of Adobe Flash Player as integrated into Red Hat Enterprise Linux and Microsoft Internet Explorer 10 and 11.
Are there any workarounds for CVE-2016-4137?
Currently, the best workaround for CVE-2016-4137 is to disable Adobe Flash Player until a fix is applied.
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/5.0
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/5.0
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/5.0
- version/redhat enterprise linux workstation/6.0
- vendor/adobe
- canonical/adobe acrobat reader
- version/adobe acrobat reader/21.0.0.242
- canonical/adobe flash player
- version/adobe flash player/21.0.0.242
- vendor/apple
- canonical/apple ios and macos
- vendor/google
- canonical/chrome os
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows
- canonical/microsoft windows 10
- canonical/microsoft windows 8.1
- version/adobe acrobat reader/11.2.202.621
- version/adobe acrobat reader/18.0.0.352
- vendor/opensuse
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/12
- version/suse linux enterprise desktop with beagle/12-sp1
- canonical/suse linux enterprise workstation extension
- version/suse linux enterprise workstation extension/12
- version/suse linux enterprise workstation extension/12-sp1
- version/microsoft windows 10/1511
- canonical/microsoft windows rt
- canonical/microsoft windows server 2012 x64
- version/microsoft windows server 2012 x64/r2