CVE-2016-1104
published 2016-05-11CVE-2016-1104: Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and…
PriorityP263high7.5CVSS 3.0
AVNACHPRNUIRSUCHIHAH
EXPLOIT
EPSS
39.65%
98.4th percentile
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | air_desktop_runtime | <= 21.0.0.198 | — |
| adobe | air_sdk | <= 21.0.0.198 | — |
| adobe | air_sdk_compiler | <= 21.0.0.198 | — |
| adobe | flash_player | <= 21.0.0.241 | — |
| adobe | flash_player | <= 18.0.0.343 | — |
| adobe | flash_player | <= 11.2.202.616 | — |
| adobe | flash_player | <= 21.0.0.216 | — |
| adobe | flash_player | <= 21.0.0.213 | — |
| adobe | flash_player_desktop_runtime | <= 21.0.0.226 | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for SWF files being served with query parameters referencing image indices (e.g., ?img=<integer>), which matches the PoC delivery pattern for this out-of-bounds read vulnerability. ↗
- →The vulnerability is an out-of-bounds read triggered when Adobe Flash Player processes a corrupt/malformed image placed via a SWF file; inspect Flash content loading external image resources for anomalous memory read patterns. ↗
- →Flag Adobe Flash Player versions 21.0.0.213 and earlier (Windows/IE/Edge context) as vulnerable; presence of flash-plugin below patched thresholds (18.0.0.352 / 21.0.0.242 on Win/OSX, 11.2.202.621 on Linux) should trigger an alert. ↗
- ·CVE-2016-1104 is listed as one of multiple distinct memory-corruption vulnerabilities sharing the same affected Flash Player version range; detections based solely on version will not differentiate between the 17 related CVEs patched in APSB16-15 / MS16-064. ↗
- ·The attack vectors and impact for CVE-2016-1104 specifically (as used in IE10/11 and Edge) are officially unspecified, limiting the ability to craft precise behavioral detections beyond version checks. ↗
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv7.5HIGH
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6gc7-g2p6-mq5h: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2016-4161 [HIGH] CWE-119 GHSA-6gc7-g2p6-mq5h: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
GHSA
GHSA-6hcp-v9xq-2g4x: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2016-4163 [HIGH] CWE-119 GHSA-6hcp-v9xq-2g4x: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
GHSA
GHSA-799p-jh5j-8wjj: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2016-4160 [HIGH] CWE-119 GHSA-799p-jh5j-8wjj: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
GHSA
GHSA-3g5f-wchp-h22r: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2016-4120 [HIGH] CWE-119 GHSA-3g5f-wchp-h22r: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
GHSA
GHSA-48g8-vqvw-2wfm: Adobe Flash Player before 18
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2016-4162 [HIGH] CWE-119 GHSA-48g8-vqvw-2wfm: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
GHSA
GHSA-cv5x-f7g8-x5x2: Unspecified vulnerability in Adobe Flash Player 21
ghsa_unreviewed·2022-05-14
CVE-2016-1104 [HIGH] GHSA-cv5x-f7g8-x5x2: Unspecified vulnerability in Adobe Flash Player 21
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
OSV
CVE-2016-4160: Adobe Flash Player before 18
osv·2016-06-16·CVSS 7.5
CVE-2016-4160 [HIGH] CVE-2016-4160: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
OSV
CVE-2016-4163: Adobe Flash Player before 18
osv·2016-06-16·CVSS 7.5
CVE-2016-4163 [HIGH] CVE-2016-4163: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
OSV
CVE-2016-4120: Adobe Flash Player before 18
osv·2016-06-16·CVSS 7.5
CVE-2016-4120 [HIGH] CVE-2016-4120: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
OSV
CVE-2016-4161: Adobe Flash Player before 18
osv·2016-06-16·CVSS 7.5
CVE-2016-4161 [HIGH] CVE-2016-4161: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
OSV
CVE-2016-4162: Adobe Flash Player before 18
osv·2016-06-16·CVSS 7.5
CVE-2016-4162 [HIGH] CVE-2016-4162: Adobe Flash Player before 18
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-4161 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-4160 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-4120 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-1104 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-4162 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
Red Hat
flash-plugin: multiple code execution issues fixed in APSB16-15
vendor_redhat·2016-05-10·CVSS 7.5
CVE-2016-4163 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
No detection rules found.
Bugzilla
CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)
bugzilla·2017-04-19·CVSS 9.8
CVE-2017-5469 [CRITICAL] CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)
CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)
Fixed potential buffer overflows in generated Firefox code due to [CVE-2016-6354](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354) issue in Flex.
External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5469
Acknowledgements:
Name: the Mozilla project
Upstream: Petr Cerny
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2017:1104 https://access.redhat.com/errata/RHSA-2017:1104
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1106
---
This issue has been addressed in the fol
Bugzilla
flash-plugin: multiple code execution issues fixed in APSB16-15
bugzilla·2016-05-11·CVSS 7.5
CVE-2016-4117 [HIGH] flash-plugin: multiple code execution issues fixed in APSB16-15
flash-plugin: multiple code execution issues fixed in APSB16-15
Adobe released a new security advisory for Adobe Flash Player.
A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Adobe will address this vulnerability in our monthly security update, which will be available as early as May 12. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
Discussion:
Updates for Adobe Flas
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.htmlhttp://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1079.htmlhttp://www.securityfocus.com/bid/90618http://www.securitytracker.com/id/1035827https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064https://helpx.adobe.com/security/products/flash-player/apsb16-15.htmlhttps://www.exploit-db.com/exploits/39825/http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.htmlhttp://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1079.htmlhttp://www.securityfocus.com/bid/90618http://www.securitytracker.com/id/1035827https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064https://helpx.adobe.com/security/products/flash-player/apsb16-15.htmlhttps://www.exploit-db.com/exploits/39825/
2016-05-11
Published