UBUNTU-CVE-2016-4121

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2016-4121
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-4121.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-4121
Upstream
Published
2016-06-16T14:59:00Z
Modified
2025-07-16T08:12:14.357631Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110.

References

Affected packages

Ubuntu:14.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@11.2.202.626ubuntu0.14.04.1?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.626ubuntu0.14.04.1

Affected versions

11.*
11.2.202.310ubuntu1
11.2.202.327ubuntu0.13.10.1
11.2.202.332ubuntu1
11.2.202.335ubuntu1
11.2.202.336ubuntu1
11.2.202.341ubuntu1
11.2.202.346ubuntu1
11.2.202.350ubuntu1
11.2.202.356ubuntu0.14.04.1
11.2.202.359ubuntu0.14.04.1
11.2.202.378ubuntu0.14.04.1
11.2.202.394ubuntu0.14.04.1
11.2.202.400ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.2
11.2.202.411ubuntu0.14.04.1
11.2.202.418ubuntu0.14.04.1
11.2.202.424ubuntu0.14.04.1
11.2.202.425ubuntu0.14.04.1
11.2.202.429ubuntu0.14.04.1
11.2.202.438ubuntu0.14.04.1
11.2.202.440ubuntu0.14.04.1
11.2.202.442ubuntu0.14.04.1
11.2.202.451ubuntu0.14.04.1
11.2.202.457ubuntu0.14.04.1
11.2.202.460ubuntu0.14.04.1
11.2.202.466ubuntu0.14.04.1
11.2.202.468ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.2
11.2.202.491ubuntu0.14.04.1
11.2.202.508ubuntu0.14.04.1
11.2.202.521ubuntu0.14.04.1
11.2.202.535ubuntu0.14.04.1
11.2.202.540ubuntu0.14.04.2
11.2.202.548ubuntu0.14.04.1
11.2.202.554ubuntu0.14.04.1
11.2.202.559ubuntu0.14.04.1
11.2.202.569ubuntu0.14.04.1
11.2.202.577ubuntu0.14.04.1
11.2.202.616ubuntu0.14.04.1
11.2.202.621ubuntu0.14.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "11.2.202.626ubuntu0.14.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "11.2.202.626ubuntu0.14.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-4121.json"

Ubuntu:16.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@11.2.202.626ubuntu0.16.04.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.626ubuntu0.16.04.1

Affected versions

11.*
11.2.202.540ubuntu2
11.2.202.548ubuntu1
11.2.202.554ubuntu1
11.2.202.559ubuntu1
11.2.202.569ubuntu1
11.2.202.577ubuntu1
11.2.202.616ubuntu1
11.2.202.621ubuntu0.16.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "11.2.202.626ubuntu0.16.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "11.2.202.626ubuntu0.16.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-4121.json"