Vulnerability CVE-2017-3077: Information

Description

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-3077
Published: June 20, 2017
Modified: Jan. 5, 2018
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
adobe-flash-player-ppapip926-alt1.S132-alt118ALT-PU-2017-1727-1184215Fixed
adobe-flash-player-ppapip826-alt1.M80P.132-alt118ALT-PU-2017-1728-1184216Fixed
adobe-flash-player-ppapic9f226-alt1.S132-alt115ALT-PU-2017-1727-1184215Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html
  • Vendor Advisory
99025
  • Third Party Advisory
  • VDB Entry
1038655
    GLSA-201707-15
      42248
        RHSA-2017:1439

            1. Configuration 1

              cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*
              cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*
              Running on/with:
              cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

              Configuration 2

              cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
              Running on/with:
              cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

              Configuration 3

              cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.0
          Back to top