Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
https://security.gentoo.org/glsa/201702-20
http://rhn.redhat.com/errata/RHSA-2017-0057.html
https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
http://www.securitytracker.com/id/1037570
http://www.securityfocus.com/bid/95342
Source: Mitre, NVD
Published: 2017-01-11
Updated: 2025-04-20
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Severity: High
Base Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.01207