CVE-2017-3114

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 27.0.0.183 and earlier

Description The issue occurs due to a computation that reads data past the end of the target buffer, which is part of providing language- and region-specific functionality. This is caused by the use of an invalid pointer offset during access of internal data structure fields. A successful attack can lead to sensitive data exposure. The vulnerability allows attackers to execute code remotely by exploiting an out-of-bounds read in Adobe Flash Player.

Recommendations For Adobe Flash Player versions 27.0.0.183 and earlier, update to a version later than 27.0.0.183 to resolve the issue. As a temporary workaround, consider disabling the use of language- and region-specific functionality until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation.