PT-2017-3426 · Adobe+2 · Flash Player+2

Publicado

2017-11-13

Atualizado

2021-09-08

CVE-2017-11213

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 27.0.0.183 and earlier

Description The issue is caused by an integer overflow when creating a bitmap image, leading to an out-of-bounds access. This can allow a remote attacker to execute arbitrary code. The vulnerability occurs due to a computation that reads data past the end of the target buffer. A successful attack can lead to sensitive data exposure.

Recommendations For Adobe Flash Player versions 27.0.0.183 and earlier, update to a version that contains a fix for this issue to prevent remote code execution. As a temporary workaround, consider restricting access to bitmap image creation functions until a patch is available.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALT-PU-2017-2836

ALT-PU-2018-2414

BDU:2018-00214

CVE-2017-11213

MGASA-2017-0410

RHSA-2017:3222

RHSA-2017_3222

ZDI-17-998

Produtos afetados

Alt Linux

Flash Player

Red Hat

PT-2017-3426 · Adobe+2 · Flash Player+2

CVE-2017-11213

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15