CVE-2017-11282

critical

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

References

https://security.gentoo.org/glsa/201709-16

https://helpx.adobe.com/security/products/flash-player/apsb17-28.html

https://bugs.chromium.org/p/project-zero/issues/detail?id=1323

https://access.redhat.com/errata/RHSA-2017:2702

http://www.securitytracker.com/id/1039314

http://www.securityfocus.com/bid/100716

http://packetstormsecurity.com/files/144332/Adobe-Flash-appleToRange-Out-Of-Bounds-Read.html

Details

Source: Mitre, NVD

Published: 2017-12-01

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics