Oval Definition:oval:org.cisecurity:def:513
Revision Date:2016-06-13Version:38
Title:Adobe Flash Player Remote Code Execution Vulnerability - CVE-2016-4117
Description:Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):APSA16-02
CVE-2016-4117
MS16-064
Platform(s):Microsoft Windows 10
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s):ActiveX Control
Adobe Flash Player
Google Chrome
Pepper Flash
Definition Synopsis
  • Adobe Flash Player is installed + version (ESR)
  • Adobe Flash Player is installed
  • AND Check if the Adobe Flash Player ESR is less than 18.0.0.352
  • OR Adobe Flash Player is installed + version
  • Adobe Flash Player is installed
  • AND Check for Adobe Flash Player version
  • Check if the Adobe Flash Player is less than 21.0.0.227
  • AND Check if Adobe Flash Player version is greater than or equal 19.0.0.0
  • OR Google Check pepperflash version for Google Chrome
  • Google Chrome is installed
  • AND Check if the version of Pepper Flash Player for Google Chrome is less than 21.0.0.227
  • OR ActiveX Control Version
  • ActiveX Control is installed
  • AND Check for Flash*.ocx file version
  • Check if Flash*.ocx version is less than 18.0.0.352
  • OR Check for file version
  • Check if the version of ActiveX Control is less than 21.0.0.227
  • AND Check if Flash*.ocx version is greater than or equal 19.0.0.0
    • BACK