CVE-2016-1019
published 2016-04-07CVE-2016-1019: Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-03-24
Exploited in the wild
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | air_desktop_runtime | <= 21.0.0.176 | — |
| adobe | air_sdk | <= 21.0.0.176 | — |
| adobe | air_sdk_compiler | <= 21.0.0.176 | — |
| adobe | flash_player | <= 11.2.202.577 | — |
| adobe | flash_player | <= 18.0.0.333 | — |
| adobe | flash_player | <= 21.0.0.197 | — |
| adobe | flash_player_desktop_runtime | <= 21.0.0.197 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vulncheck9.8CRITICAL
cisa9.8CRITICAL