CVE-2016-4171

CVE Database · CVE-2016-4171

CVE-2016-4171

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

19.90%

Published

Jun 16, 2016

Modified

Apr 21, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-25 · Due: 2022-04-15

The impacted product is end-of-life and should be disconnected if still in use.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (33)

adobe · flash_playervulnerable

linux · linux_kernel

adobe · flash_playervulnerable

apple · mac_os_x

apple · macos

microsoft · windows

apple · mac_os_x

apple · macos

google · chrome_os

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

microsoft · windows_8.1

References (20)

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/91184

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1036094

Third Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs