Oval Definition:oval:org.cisecurity:def:799
Revision Date:2016-07-15Version:35
Title:Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier - CVE-2016-4109
Description:Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):APSB16-15
CVE-2016-4109
MS16-064
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s):ActiveX Control
Adobe Air
Adobe Flash Player
Google Chrome
Pepper Flash
Definition Synopsis
  • Adobe Flash Player is installed + version (ESR)
  • Adobe Flash Player is installed
  • AND Check if the Adobe Flash Player ESR is less than 18.0.0.352
  • OR Adobe Flash Player is installed + version
  • Adobe Flash Player is installed
  • AND Check for Adobe Flash Player version
  • Check if the Adobe Flash Player is less than 21.0.0.242
  • AND Check if Adobe Flash Player version is greater than or equal 19.0.0.0
  • OR Adobe Air + vulnerable version
  • Adobe AIR is installed
  • AND Check if the version of Adobe AIR is less than 21.0.0.215
  • OR ActiveX Control Version
  • ActiveX Control is installed
  • AND Check for Flash*.ocx file version
  • Check if Flash*.ocx version is less than 18.0.0.352
  • OR Check for file version
  • Check if the version of ActiveX Control is less than 21.0.0.242
  • AND Check if Flash*.ocx version is greater than or equal 19.0.0.0
  • OR Google Chrome + Pepperflash version
  • Google Chrome is installed
  • AND Check if the version of Pepper Flash Player for Google Chrome is less than 21.0.0.242
  • BACK