CVE-2017-3106

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 26.0.0.137 and earlier

Description The issue is related to a type confusion vulnerability when parsing SWF files, which could lead to arbitrary code execution if successfully exploited. This allows an attacker to remotely execute code.

Recommendations For Adobe Flash Player versions 26.0.0.137 and earlier, update to a version later than 26.0.0.137 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

Exploit

Fix

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-704

Related Identifiers

ALT-PU-2017-2075

ALT-PU-2018-2414

CVE-2017-3106

MGASA-2017-0314

RHSA-2017:2457

RHSA-2017_2457

Affected Products

Alt Linux

Flash Player

Red Hat

CVE-2017-3106

Weakness Enumeration

Related Identifiers

Affected Products

References · 16