Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2017-0057.html | Third Party Advisory |
http://www.securityfocus.com/bid/95342 | Broken Link Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1037570 | Broken Link Third Party Advisory VDB Entry |
https://helpx.adobe.com/security/products/flash-player/apsb17-02.html | Patch Vendor Advisory |
https://security.gentoo.org/glsa/201702-20 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
No history.
Information
Published : 2017-01-11 04:59
Updated : 2024-02-28 15:44
NVD link : CVE-2017-2937
Mitre link : CVE-2017-2937
CVE.ORG link : CVE-2017-2937
JSON object : View
Products Affected
microsoft
- windows
- windows_8.1
- windows_10
linux
- linux_kernel
apple
- mac_os_x
adobe
- flash_player
- chrome_os
CWE
CWE-416
Use After Free