CVE-2016-1019
Adobe Flash Player Arbitrary Code Execution Vulnerability
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
Act
*SSVC
Descriptions
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
Adobe Flash Player 21.0.0.197 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores no especificados, según se ha explotado activamente en Abril de 2016.
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Act
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-12-22 CVE Reserved
- 2016-04-07 CVE Published
- 2022-03-03 Exploited in Wild
- 2022-03-24 KEV Due Date
- 2025-02-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- First Exploit
CWE
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/85856 | Broken Link | |
| http://www.securitytracker.com/id/1035491 | Broken Link | |
| https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050 | 2022-11-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Flash Player Desktop Runtime Search vendor "Adobe" for product "Flash Player Desktop Runtime" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player Desktop Runtime" and version " <= 21.0.0.197" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Desktop Runtime Search vendor "Adobe" for product "Flash Player Desktop Runtime" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player Desktop Runtime" and version " <= 21.0.0.197" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 18.0.0.333 Search vendor "Adobe" for product "Flash Player" and version " <= 18.0.0.333" | esr |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 18.0.0.333 Search vendor "Adobe" for product "Flash Player" and version " <= 18.0.0.333" | esr |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | chrome |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | chrome |
Affected
| in | Google Search vendor "Google" | Chrome Os Search vendor "Google" for product "Chrome Os" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | chrome |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | chrome |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | edge |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | internet_explorer |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 21.0.0.197 Search vendor "Adobe" for product "Flash Player" and version " <= 21.0.0.197" | internet_explorer |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8.1 Search vendor "Microsoft" for product "Windows 8.1" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 11.2.202.577 Search vendor "Adobe" for product "Flash Player" and version " <= 11.2.202.577" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Desktop Runtime Search vendor "Adobe" for product "Air Desktop Runtime" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Desktop Runtime" and version " <= 21.0.0.176" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Desktop Runtime Search vendor "Adobe" for product "Air Desktop Runtime" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Desktop Runtime" and version " <= 21.0.0.176" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk" and version " <= 21.0.0.176" | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk" and version " <= 21.0.0.176" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk" and version " <= 21.0.0.176" | - |
Affected
| in | Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk" and version " <= 21.0.0.176" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 21.0.0.176" | - |
Affected
| in | Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 21.0.0.176" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 21.0.0.176" | - |
Affected
| in | Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | <= 21.0.0.176 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 21.0.0.176" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|