Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.

Versions of Adobe Flash Player prior to 27.0.0.170 are unpatched and therefore affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing specially crafted Flash content, to trigger the vulnerability and potentially execute arbitrary code.

The remote host is affected by the vulnerability described in GLSA-201710-22 (Adobe Flash Player: Remote execution of arbitrary code)

    A  critical type confusion vulnerability was discovered in Adobe Flash       Player.
  Impact :

    A remote attacker could execute arbitrary code.
  Workaround :

    There is no known workaround at this time.

The remote Windows host is missing security update KB4049179. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing specially crafted Flash content, to trigger the vulnerability and potentially execute arbitrary code.

The version of Adobe Flash Player installed on the remote macOS or Mac OS X host is equal or prior to version 27.0.0.159. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing specially crafted Flash content, to trigger the vulnerability and potentially execute arbitrary code.

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 27.0.0.159. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing specially crafted Flash content, to trigger the vulnerability and potentially execute arbitrary code.

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:2899 advisory.

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

    This update upgrades Flash Player to version 27.0.0.170.

    Security Fix(es):

    * This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe     Security Bulletin listed in the References section, could allow an attacker to create a specially crafted     SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information     when the victim loaded a page containing the malicious SWF content. (CVE-2017-11292)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Adobe reports :

- This update resolves a type confusion vulnerability that could lead to remote code execution (CVE-2017-11292).

ID	Name	Product	Family	Severity
700426	Flash Player < 27.0.0.170 RCE (APSB17-32)	Nessus Network Monitor	Web Clients	high
104065	GLSA-201710-22 : Adobe Flash Player: Remote execution of arbitrary code	Nessus	Gentoo Local Security Checks	high
103924	KB4049179: Security update for Adobe Flash Player (October 2017)	Nessus	Windows : Microsoft Bulletins	high
103923	Adobe Flash Player for Mac <= 27.0.0.159 Multiple Vulnerabilities (APSB17-32)	Nessus	MacOS X Local Security Checks	high
103922	Adobe Flash Player <= 27.0.0.159 Type Confusion Vulnerability (APSB17-32)	Nessus	Windows	high
103915	RHEL 6 : flash-plugin (RHSA-2017:2899)	Nessus	Red Hat Local Security Checks	high
103860	FreeBSD : Flash Player -- Remote code execution (a73518da-b2fa-11e7-98ef-d43d7ef03aa6)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2017-11292

high

Tenable Plugins

high

high

high

high

high

high

high