Oval Definition:oval:org.cisecurity:def:1118
Revision Date:2016-09-23Version:27
Title:Unspecified vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 - CVE-2016-4223
Description:Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4224 and CVE-2016-4225.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-4223
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):ActiveX Control
Adobe Flash Player
Pepper Flash
Definition Synopsis
  • Adobe Flash Player is installed + version (ESR)
  • Adobe Flash Player is installed
  • AND Check if Adobe Flash Player (ESR) version is less than 18.0.0.366
  • OR Adobe Flash Player is installed + version
  • Adobe Flash Player is installed
  • AND Check for Adobe Flash Player version
  • Check if Adobe Flash Player version is less than 22.0.0.209
  • AND Check if Adobe Flash Player version is greater than or equal 19.0.0.0
  • OR Pepper Flash for Google Chrome version
  • Google Chrome is installed
  • AND Check if Pepper Flash for Google Chrome version is less than 22.0.0.209
  • OR ActiveX Control is installed + Flash*.ocx version
  • ActiveX Control is installed
  • AND Check for Flash*.ocx file version
  • Check if Flash*.ocx (ESR) version is less than 18.0.0.366
  • OR Check for file version
  • Check if Flash*.ocx version is less than 22.0.0.209
  • AND Check if Flash*.ocx version is greater than or equal 19.0.0.0
    • BACK