Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/97551 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038225 | |
https://access.redhat.com/errata/RHSA-2017:0934 | |
https://helpx.adobe.com/security/products/flash-player/apsb17-10.html | Vendor Advisory |
https://security.gentoo.org/glsa/201704-04 | |
http://www.zerodayinitiative.com/advisories/ZDI-17-278/ | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/97551 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038225 | |
https://access.redhat.com/errata/RHSA-2017:0934 | |
https://helpx.adobe.com/security/products/flash-player/apsb17-10.html | Vendor Advisory |
https://security.gentoo.org/glsa/201704-04 |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 03:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/97551 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1038225 - | |
References | () https://access.redhat.com/errata/RHSA-2017:0934 - | |
References | () https://helpx.adobe.com/security/products/flash-player/apsb17-10.html - Vendor Advisory | |
References | () https://security.gentoo.org/glsa/201704-04 - |
Information
Published : 2017-04-12 14:59
Updated : 2024-11-21 03:24
NVD link : CVE-2017-3062
Mitre link : CVE-2017-3062
CVE.ORG link : CVE-2017-3062
JSON object : View
Products Affected
- chrome_os
microsoft
- windows_8.1
- windows_10
- windows
linux
- linux_kernel
apple
- mac_os_x
adobe
- flash_player
CWE
CWE-416
Use After Free