Threat Advisories - NVD Disclosed May 11, 2016

CVE-2016-4117

Adobe Flash Player Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code, a risk that has been actively exploited. This could lead to unauthorized system control and compromise of data for affected organizations. Adobe Flash Player is end-of-life and should be disconnected if still in use.

NVD published: May 11, 2016 • CISA KEV

CVE advisoryKnown Exploit

CVE-2016-0189

Microsoft Scripting Engine Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A memory corruption flaw in Microsoft's JScript and VBScript engines, used in Internet Explorer, could allow attackers to execute arbitrary code or cause a denial of service. This presents a business risk of system compromise and data disruption if users access a crafted website. Organizations should apply vendor updat

NVD published: May 11, 2016 • CISA KEV

CVE advisoryKnown Exploit

CVE-2016-0185

Windows Media Center Code Execution Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Microsoft Windows Media Center allows remote attackers to execute arbitrary code by opening a crafted link file. This could lead to unauthorized code execution on affected systems, posing a business risk.

NVD published: May 11, 2016 • CISA KEV