CVE-2016-6983

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.

CVSS v3 8.8 HIGH
CVSS v2.0 9.3 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2016-2057.html	Third Party Advisory
http://www.securityfocus.com/bid/93490	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036985	Broken Link Third Party Advisory VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html	Patch Vendor Advisory
https://security.gentoo.org/glsa/201610-10	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2057.html	Third Party Advisory
http://www.securityfocus.com/bid/93490	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036985	Broken Link Third Party Advisory VDB Entry
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html	Patch Vendor Advisory
https://security.gentoo.org/glsa/201610-10	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*

OR	cpe:2.3:o:apple:mac_os_x:-:::::::*
	cpe:2.3:o:google:chrome_os:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:adobe:flash_player::::::edge::*
	cpe:2.3:a:adobe:flash_player::::::internet_explorer::*

OR	cpe:2.3:o:microsoft:windows_10:-:::::::*
	cpe:2.3:o:microsoft:windows_8.1:-:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:apple:mac_os_x:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

OR	cpe:2.3:a:adobe:flash_player:::::esr:::*
	cpe:2.3:a:adobe:flash_player_desktop_runtime::::::::

Configuration 4 (hide)

AND

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:linux:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:57

Type	Values Removed	Values Added
References	~~() http://rhn.redhat.com/errata/RHSA-2016-2057.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2016-2057.html - Third Party Advisory
References	~~() http://www.securityfocus.com/bid/93490 - Broken Link, Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/93490 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id/1036985 - Broken Link, Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1036985 - Broken Link, Third Party Advisory, VDB Entry
References	~~() https://helpx.adobe.com/security/products/flash-player/apsb16-32.html - Patch, Vendor Advisory~~	() https://helpx.adobe.com/security/products/flash-player/apsb16-32.html - Patch, Vendor Advisory
References	~~() https://security.gentoo.org/glsa/201610-10 - Third Party Advisory~~	() https://security.gentoo.org/glsa/201610-10 - Third Party Advisory

18 Nov 2022, 16:39

Type	Values Removed	Values Added
CWE	~~CWE-119~~	CWE-787
CVSS	v2 : ~~10.0~~ v3 : ~~9.8~~	v2 : 9.3 v3 : 8.8
References	~~(GENTOO) https://security.gentoo.org/glsa/201610-10 -~~	(GENTOO) https://security.gentoo.org/glsa/201610-10 - Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1036985 -~~	(SECTRACK) http://www.securitytracker.com/id/1036985 - Broken Link, Third Party Advisory, VDB Entry
References	~~(BID) http://www.securityfocus.com/bid/93490 -~~	(BID) http://www.securityfocus.com/bid/93490 - Broken Link, Third Party Advisory, VDB Entry
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2016-2057.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2016-2057.html - Third Party Advisory
CPE	cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:microsoft:windows_10:::::::: cpe:2.3:o:microsoft:windows:::::::: cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:google:chrome_os:::::::: cpe:2.3:o:microsoft:windows_8.1::::::::	cpe:2.3:o:google:chrome_os:-:::::::* cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:microsoft:windows_8.1:-:::::::* cpe:2.3:o:apple:mac_os_x:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:o:microsoft:windows_10:-:::::::*

Information

Published : 2016-10-13 19:59

Updated : 2025-04-12 10:46

NVD link : CVE-2016-6983

Mitre link : CVE-2016-6983

CVE.ORG link : CVE-2016-6983

JSON object : View

Products Affected

microsoft

windows
windows_10
windows_8.1

apple

mac_os_x

adobe

flash_player
flash_player_desktop_runtime

linux

linux_kernel

google

chrome_os

CWE

CWE-787

Out-of-bounds Write

8.8 /10