Published: 20/06/2017 Updated: 05/01/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Adobe Flash Player versions 25.0.0.171 and previous versions have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe flash_player

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An update for flash-plugin is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Syst ...

Adobe Flash Player versions 2500171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module Successful exploitation could lead to arbitrary code execution ...

A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 2600126 ...

Source: bugschromiumorg/p/project-zero/issues/detail?id=1212 The attached file causes an out-of-bounds read in avc edge processing Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/42247zip ...

CWE-119 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://security.gentoo.org/glsa/201707-15 https://www.exploit-db.com/exploits/42247/https://access.redhat.com/errata/RHSA-2017:1439 https://access.redhat.com/errata/RHSA-2017:1439 https://nvd.nist.gov https://www.exploit-db.com/exploits/42247/https://security.archlinux.org/CVE-2017-3076

CVE-2017-3076

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect