Published: 12/04/2017 Updated: 05/01/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Adobe Flash Player versions 25.0.0.127 and previous versions have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe flash_player

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An update for flash-plugin is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Syst ...

Adobe Flash Player versions 2500127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline Successful exploitation could lead to arbitrary code execution ...

Source: bugschromiumorg/p/project-zero/issues/detail?id=1211 The attached swf causes an out-of-bounds read in getting the width of a TextField Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/42019zip ...

CWE-119 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html http://www.securityfocus.com/bid/97557 https://security.gentoo.org/glsa/201704-04 http://www.securitytracker.com/id/1038225 https://www.exploit-db.com/exploits/42019/https://access.redhat.com/errata/RHSA-2017:0934 https://access.redhat.com/errata/RHSA-2017:0934 https://nvd.nist.gov https://www.exploit-db.com/exploits/42019/

CVE-2017-3064

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect