CVE-2016-4286

Published: Oct 13, 2016Modified: May 6, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.

Affected (12)

Products: Adobe: Flash Player, Flash Player Desktop Runtime · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation

Adobe

2 products

Flash Player

Flash Player Desktop Runtime

Redhat

3 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Workstation

Configuration A

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 23.0.0.162
Adobe Flash Player	Up to 23.0.0.162

Running on/with	Platform Versions
Microsoft Windows 10	All versions
Microsoft Windows 8.1	All versions

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 11.2.202.635

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 18.0.0.375
Adobe Flash Player Desktop Runtime	Up to 23.0.0.162

Configuration D

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 23.0.0.162

Running on/with	Platform Versions
Apple Mac Os X	All versions
Google Chrome Os	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Configuration E

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Workstation	Version 5.0
Redhat Enterprise Linux Workstation	Version 6.0