Access Control Vulnerability in Adobe Flash Player on Multiple Platforms
CVE-2016-4178

4.3MEDIUM

Key Information:

Vendor
Adobe
Status
Flash Player Desktop Runtime
Vendor
CVE Published:
13 July 2016

Summary

A vulnerability in Adobe Flash Player allows attackers to bypass access controls, which may enable them to gain unauthorized access to sensitive information. This issue affects versions prior to 18.0.0.366 on Windows, as well as 19.x through 22.x before 22.0.0.209 on Windows and macOS, and versions before 11.2.202.632 on Linux. Attackers could exploit this vulnerability through unspecified vectors, raising concerns for user data protection and application security across multiple platforms.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
https://helpx.adobe.com/security/products/flash-player/ap...
x_refsource_CONFIRM

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.