QwikSec

Security Database

CVE

CWE

Training

CVE-2017-11225

Published: Dec 9, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.

Vendor	Product	Versions
n/a	Adobe Flash Player 27.0.0.183 and earlier versions	affected `Adobe Flash Player 27.0.0.183 and earlier versions`

References

https://helpx.adobe.com/security/products/flash-player/apsb17-33.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.