==================================================================== CERT-Renater Note d'Information No. 2016/VULN245 _____________________________________________________________________ DATE : 15/06/2016 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Adobe Flash Player versions 21.0.0.242 and earlier. ====================================================================== https://helpx.adobe.com/security/products/flash-player/apsa16-03.html ____________________________________________________________________ Adobe Security Advisory Security Advisory for Adobe Flash Player Release date: June 14, 2016 Vulnerability identifier: APSA16-03 CVE number: CVE-2016-4171 Platforms: Windows, Macintosh, Linux and Chrome OS Summary A critical vulnerability (CVE-2016-4171) exists in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-4171 exists in the wild, and is being used in limited, targeted attacks. Adobe will address this vulnerability in our monthly security update, which will be available as early as June 16. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog. Severity ratings Adobe categorizes this as a critical vulnerability. Acknowledgments Adobe would like to thank Anton Ivanov and Costin Raiu of Kaspersky Lab for reporting CVE-2016-4171 and for working with Adobe to help protect our customers. ========================================================== Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================