Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2017-3100

Published: 17/07/2017 Updated: 27/01/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Adobe Flash Player versions 26.0.0.131 and previous versions have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash_player_desktop_runtime

adobe flash_player

Vendor Advisories

Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An update for flash-plugin is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Syst ...
Red Hat: CVE-2017-3100
Adobe Flash Player versions 2600131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class Successful exploitation could lead to memory address disclosure ...
Arch Linux Issues:
A memory corruption vulnerability leading to the disclosure of a memory address has been found in Adobe Flash Player < 2600137 It could be used to bypass some security protections like ASLR ...

Recent Articles

It's July 2017 – and your expensive HoloLens can be pwned over Wi-Fi
The Register • Shaun Nichols in San Francisco • 11 Jul 2017

Augmented Reality bites. Plus: Update Windows boxes, Flash ASAP

Patch Tuesday Microsoft's HoloLens may only be in the hands of developers, but that hasn't stopped researchers from finding major security holes in the augmented reality headset. Critical fixes for HoloLens were among the 57 CVE-listed flaws Redmond had to address in this month's edition of Patch Tuesday. Of the 57 bugs blasted in various Microsoft products, 19 are listed as critical and 24 could potentially allow for remote code execution. Four vulnerabilities were disclosed publicly before tod...

Read more...

References

CWE-787https://helpx.adobe.com/security/products/flash-player/apsb17-21.htmlhttp://www.securitytracker.com/id/1038845http://www.securityfocus.com/bid/99523https://security.gentoo.org/glsa/201707-15https://access.redhat.com/errata/RHSA-2017:1731https://access.redhat.com/errata/RHSA-2017:1731https://nvd.nist.govhttps://security.archlinux.org/CVE-2017-3100
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065open redirectCVE-2024-1086path traversalCVE-2024-29825XXECVE-2024-29822CVE-2024-20696CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook