Vulnerability CVE-2016-1027

Vulnerability Name:

CVE-2016-1027 (CCN-112080)

Assigned:

2015-12-22

Published:

2016-04-07

Updated:

2023-01-26

Summary:

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-1027

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory
psirt@adobe.com

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory
psirt@adobe.com

Source: CCN
Type: RHSA-2016-0610
Critical: flash-plugin security update

Source: psirt@adobe.com
Type: Third Party Advisory
psirt@adobe.com

Source: CCN
Type: BID-85932
Adobe Flash Player APSB16-10 Multiple Unspecified Memory Corruption Vulnerabilities

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com

Source: XF
Type: UNKNOWN
adobe-flash-cve20161027-code-exec(112080)

Source: CCN
Type: Adobe Security Bulletin APSB16-10
Security updates available for Adobe Flash Player

Source: psirt@adobe.com
Type: Patch, Vendor Advisory
psirt@adobe.com

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:adobe:flash_player:21.0.0.197:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*

OR cpe:/o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*

OR cpe:/a:google:chrome:49.0.2623.75:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_supplementary_eus:6.7.z:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20161027	V	CVE-2016-1027	2022-05-20
oval:org.opensuse.security:def:55942	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:47134	P	python-2.7.9-24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47197	P	accountsservice-0.6.42-14.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47991	P	dhcp-4.3.3-10.16.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47196	P	aaa_base-13.2+git20140911.61c1681-36.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48000	P	elfutils-0.158-7.7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47228	P	crash-7.1.8-3.9 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47260	P	gdk-pixbuf-lang-2.34.0-18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48054	P	java-1_8_0-openjdk-1.8.0.222-27.35.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46987	P	libQt5WebKit5-5.6.1-9.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47299	P	kdump-0.8.16-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47291	P	iputils-s20121221-2.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47071	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47050	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47133	P	procmail-3.22-267.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47937	P	DirectFB-1.7.1-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47362	P	libjavascriptcoregtk-4_0-18-2.12.5-1.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46626	P	bzip2-1.0.6-27.1129 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46598	P	xlockmore-5.43-5.30 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11524	P	ecryptfs-utils-103-5.35 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11658	P	libtiff5-32bit-4.0.4-12.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11703	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11859	P	libXi6-1.7.4-9.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11657	P	libtasn1-3.7-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12360	P	telepathy-gabble-0.18.3-5.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11401	P	libsmi-0.4.8-18.63 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11948	P	libssh4-0.6.3-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46773	P	libspice-client-glib-2_0-8-0.29-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46689	P	kernel-default-3.12.49-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11539	P	gdk-pixbuf-lang-2.30.6-1.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11750	P	yast2-3.1.155-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11884	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11700	P	puppet-3.6.2-3.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12382	P	xorg-x11-server-7.6_1.18.3-71.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12586	P	libnetpbm11-10.66.3-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11627	P	libneon27-0.30.0-3.65 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46403	P	cyrus-sasl-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46836	P	rpm-32bit-4.11.2-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11558	P	hyper-v-6-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11409	P	libtiff5-32bit-4.0.3-9.78 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11765	P	bash-4.3-78.39 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11709	P	radvd-1.9.7-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11926	P	libpolkit0-0.113-5.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12608	P	libprocps3-3.3.9-11.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46535	P	mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46466	P	libXv1-1.0.10-3.56 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11477	P	xalan-j2-2.7.0-264.133 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11633	P	libpng15-15-1.5.22-2.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11431	P	pam_krb5-2.4.4-4.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11784	P	curl-7.37.0-28.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11635	P	libpolkit0-0.113-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11722	P	sudo-1.8.10p3-1.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11935	P	libraw9-0.15.4-3.88 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:55868	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2021-03-17
oval:org.opensuse.security:def:53091	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25092	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25823	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:46078	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25851	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:24446	P	Security update for apache2-mod_jk (Important)	2020-12-01
oval:org.opensuse.security:def:54366	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54511	P	libHX28 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24802	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24393	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:24782	P	Security update for opensc (Low)	2020-12-01
oval:org.opensuse.security:def:46140	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:53416	P	Security update for nodejs8 (Important)	2020-12-01
oval:org.opensuse.security:def:54081	P	libzmq3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53469	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:54199	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46211	P	Security update for nfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:25106	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:46091	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25155	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25886	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:46141	P	Security update for ppp (Important)	2020-12-01
oval:org.opensuse.security:def:54173	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55642	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:52842	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:54592	P	libpulse-mainloop-glib0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24582	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:24952	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24519	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:24865	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss (Important)	2020-12-01
oval:org.opensuse.security:def:24456	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53522	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:52843	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53642	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:54307	P	librpcsecgss3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25150	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:46274	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:25169	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:46154	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:54247	P	libXt6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55716	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:54399	P	wdiff on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53068	P	Security update for the Linux Azure Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24663	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25005	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24645	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25015	P	Security update for ghostscript (Moderate)	2020-12-01
oval:org.opensuse.security:def:53005	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:53688	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:52865	P	Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:53748	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53069	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25788	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:24383	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:25213	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:54285	P	libmpfr4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54473	P	gdk-pixbuf-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24719	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:46077	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:24726	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25068	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:53243	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:53973	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53231	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:53914	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:78350	P	Security update for flash-player (Important)	2016-05-16
oval:org.opensuse.security:def:78576	P	Security update for flash-player (Important)	2016-05-16
oval:com.redhat.rhsa:def:20160610	P	RHSA-2016:0610: flash-plugin security update (Critical)	2016-04-08
oval:com.ubuntu.precise:def:20161027000	V	CVE-2016-1027 on Ubuntu 12.04 LTS (precise) - medium.	2016-04-08
oval:com.ubuntu.trusty:def:20161027000	V	CVE-2016-1027 on Ubuntu 14.04 LTS (trusty) - medium.	2016-04-08

BACK