Vulnerability Change Records for CVE-2016-7857

Change History

CVE Modified by Adobe Systems Incorporated 7/27/2017 9:29:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1037240 [No Types Assigned]

CVE Modified by Adobe Systems Incorporated 12/21/2016 10:0:22 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.zerodayinitiative.com/advisories/ZDI-16-596 [No Types Assigned]
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201611-18 [No Types Assigned]

Initial CVE Analysis 11/08/2016 2:11:33 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
Configuration 1
     OR
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary_aus:6.5:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.5.z:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:hp:jdk:7.0.08:*:*:*:*:*:*:* (and previous)
               *cpe:2.3:a:hp:jre:7.0.08:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
               cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:oracle:javafx:2.2.45:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:oracle:jdk:1.7.0:update_45:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update_45:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-416
Changed Reference Type
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html No Types Assigned
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html Patch, Vendor Advisory

CVE Modified by Adobe Systems Incorporated 11/28/2016 3:39:35 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/94153 [No Types Assigned]

CPE Deprecation Remap 5/08/2019 6:11:29 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x64:*
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x64:*

CPE Deprecation Remap 5/08/2019 6:11:29 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x86:*
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x86:*

CVE Modified by Adobe Systems Incorporated 1/06/2017 10:0:40 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-2676.html [No Types Assigned]
Added Reference

								
							
							
						
https://technet.microsoft.com/library/security/ms16-141 [No Types Assigned]

Initial CVE Analysis 11/08/2016 2:17:07 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     AND
          OR
               *cpe:2.3:a:hp:jdk:7.0.08:*:*:*:*:*:*:* (and previous)
               *cpe:2.3:a:hp:jre:7.0.08:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
               cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:oracle:jdk:1.7.0:update_45:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update_45:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary_aus:6.5:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.5.z:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:oracle:javafx:2.2.45:*:*:*:*:*:*:*
Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
          OR
               cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*
               cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*
               cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x64:*
               cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x86:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
               cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Configuration 3
     AND
          OR
               *cpe:2.3:a:adobe:flash_player_for_linux:11.2.202.643:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Configuration 4
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
          OR
               cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
               cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
               cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*

CVE Translated 11/09/2016 11:45:00 AM

Action Type Old Value New Value

CVE Modified by Adobe Systems Incorporated 10/12/2018 6:14:40 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-141 [No Types Assigned]
Removed Reference
https://technet.microsoft.com/library/security/ms16-141 [No Types Assigned]

								
						

Modified Analysis 11/08/2016 2:23:13 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player_for_linux:11.2.202.643:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
               cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Configuration 3
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
          OR
               cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
               cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
               cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
Configuration 4
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
               *cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
          OR
               cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*
               cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*
               cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x64:*
               cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x86:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-416
Changed Reference Type
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html No Types Assigned
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html Vendor Advisory, Patch