CVE-2016-1019 | Vulnerability Database | Aqua Security

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.

Affected Software

Name	Vendor	Start Version	End Version
Red Hat Enterprise Linux 5 Supplementary	RedHat	flash-plugin-0:11.2.202.616-1.el5	*
Red Hat Enterprise Linux 6 Supplementary	RedHat	flash-plugin-0:11.2.202.616-1.el6_7	*
Adobe-flashplugin	Ubuntu	precise	*
Adobe-flashplugin	Ubuntu	trusty	*
Adobe-flashplugin	Ubuntu	wily	*
Flashplugin-nonfree	Ubuntu	precise	*
Flashplugin-nonfree	Ubuntu	trusty	*
Flashplugin-nonfree	Ubuntu	wily	*

References

https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
http://blogs.adobe.com/psirt/?p=1330
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
https://security.gentoo.org/glsa/201606-08
http://rhn.redhat.com/errata/RHSA-2016-0610.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00055.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00012.html
http://www.securitytracker.com/id/1035491
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00009.html
https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html
http://www.securityfocus.com/bid/85856
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1019
CWE	https://cwe.mitre.org/data/definitions/NVD-noinfo.html