6.8
CVSSv2

CVE-2017-2995

Published: 15/02/2017 Updated: 05/01/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Adobe Flash Player versions 24.0.0.194 and previous versions have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.

Vulnerability Trend

Affected Products

Vendor Product Versions
AdobeFlash Player24.0.0.194

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An update for flash-plugin is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Syst ...
A type confusion vulnerability possibly leading to code execution has been found in Adobe Flash Player < 2400221 ...
Arch Linux Security Advisory ASA-201702-16 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-2996 Package : lib32-flashplug ...
Arch Linux Security Advisory ASA-201702-15 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-2996 Package : flashplugin Typ ...
Microsoft Security Bulletin MS17-005 - Critical 10/11/2017 15 minutes to read Contributors In this article Security Update for Adobe Flash Player (4010250)Executive SummaryVulnerability InformationAffected Softwar ...

Github Repositories

CVE-Study CVE id CVSS Type CVE-2017-12762 100 BOF CVE-2017-0561 100 - CVE-2017-11176 100 UAF CVE-2017-8890 100 CVE-2017-7895 100 CVE-2017-3106 93 CVE-2017-3064 93 CVE-2017-0430 93 CVE-2017-0429 93 CVE-2017-0428 93 CVE-2017-0427 93 CVE-2017-0528 93 CVE-2017-0510 93 CVE-2017-0508 93 CVE-2017-0507 93 CVE-2017-0455 93

Recent Articles

Adobe fixes 24 Security Vulnerabilities in Adobe Flash, Digital Editions, & Campaign
BleepingComputer • Lawrence Abrams • 01 Jan 1970

Adobe has released updates for Adobe Flash Player, Digital Editions,and Campaign that resolve a total of 24 security vulnerabilities, with half of them being in Adobe Flash Player. As many of these vulnerabilities are rated as Critical, it is strongly advised that anyone using these products immediately update them to the latest version.
A vulnerability is rated as Critical when it could allow attackers to remotely execute command on an affected machine. This would allow them to execute...