First published: Thu Jun 16 2016(Updated: )
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
Credit: psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Macromedia Flash Player | ||
All of | ||
Macromedia Flash Player | <=11.2.202.621 | |
Linux Kernel | ||
All of | ||
Macromedia Flash Player | <=21.0.0.242 | |
Any of | ||
Apple iOS and macOS | ||
macOS | ||
Microsoft Windows Operating System | ||
All of | ||
Any of | ||
Apple iOS and macOS | ||
macOS | ||
Chrome OS | ||
Linux Kernel | ||
Microsoft Windows Operating System | ||
Macromedia Flash Player | <=21.0.0.242 | |
All of | ||
Microsoft Windows | ||
Macromedia Flash Player | <=21.0.0.242 | |
All of | ||
Macromedia Flash Player | <=18.0.0.352 | |
Any of | ||
Apple iOS and macOS | ||
macOS | ||
Microsoft Windows Operating System | ||
All of | ||
Windows 10 | ||
Any of | ||
Macromedia Flash Player | <=21.0.0.242 | |
Macromedia Flash Player | <=21.0.0.242 | |
Red Hat Enterprise Linux Desktop | =5.0 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Server | =5.0 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Workstation | =5.0 | |
Red Hat Enterprise Linux Workstation | =6.0 | |
openSUSE | =13.1 | |
openSUSE | =13.2 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Workstation Extension | =12 | |
SUSE Linux Workstation Extension | =12-sp1 | |
Adobe Flash Player | <=11.2.202.621 | |
Linux Kernel | ||
Macromedia Flash Player | <=21.0.0.242 | |
Apple iOS and macOS | ||
macOS | ||
Microsoft Windows Operating System | ||
Chrome OS | ||
Macromedia Flash Player | <=21.0.0.242 | |
Microsoft Windows | ||
Macromedia Flash Player | <=21.0.0.242 | |
Macromedia Flash Player | <=18.0.0.352 | |
Windows 10 | ||
Macromedia Flash Player | <=21.0.0.242 |
The impacted product is end-of-life and should be disconnected if still in use.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-4171 is considered a critical vulnerability that allows for remote code execution in Adobe Flash Player.
To fix CVE-2016-4171, update Adobe Flash Player to the latest version available.
CVE-2016-4171 affects Adobe Flash Player version 21.0.0.242 and earlier.
Yes, CVE-2016-4171 can be exploited remotely by attackers to execute arbitrary code.
The impacts of CVE-2016-4171 may include data theft, system compromise, and unauthorized access to sensitive information.