Adobe Flash Player prior to 220.127.116.11 and 19.x prior to 18.104.22.168 on Windows and OS X and prior to 22.214.171.1240 on Linux allows malicious users to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
CVE-Study CVE id CVSS Type CVE-2017-12762 100 BOF CVE-2017-0561 100 - CVE-2017-11176 100 UAF CVE-2017-8890 100 CVE-2017-7895 100 CVE-2017-3106 93 CVE-2017-3064 93 CVE-2017-0430 93 CVE-2017-0429 93 CVE-2017-0428 93 CVE-2017-0427 93 CVE-2017-0528 93 CVE-2017-0510 93 CVE-2017-0508 93 CVE-2017-0507 93 CVE-2017-0455 93
Adobe has decided to patch the zero day vulnerability that was disclosed in Flash Player earlier this week today — instead of next week as originally scheduled.
According to a security bulletin Adobe posted this morning the update actually fixes three vulnerabilities in the software, but the most pressing one is the zero day, CVE-2015-7645, the company said is being used in limited, targeted attacks.
The flaw, a type confusion vulnerability, has been tied to attacks carried out ...