CVE-2017-11282

Sažetak

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Reference

https://helpx.adobe.com/security/products/flash-player/apsb17-28.html
https://www.exploit-db.com/exploits/42783/
https://security.gentoo.org/glsa/201709-16
http://www.securitytracker.com/id/1039314
http://www.securityfocus.com/bid/100716
https://www.youtube.com/watch?v=6iZnIQbRf5M
https://bugs.chromium.org/p/project-zero/issues/detail?id=1323
http://packetstormsecurity.com/files/144332/Adobe-Flash-appleToRange-Out-Of-Bounds-Read.html
https://access.redhat.com/errata/RHSA-2017:2702

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-09-2021 - 17:21

Objavljeno

01-12-2017 - 08:29