Back to search
CVE-2017-11292
Published: Oct 21, 2017
Modified: Oct 21, 2025
PUBLISHED
Description
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
| Vendor | Product | Versions |
|---|---|---|
n/a | Adobe Flash Player version 27.0.0.159 and earlier | affected Adobe Flash Player version 27.0.0.159 and earlier |
References
1039582
vdb-entry
x_refsource_SECTRACK
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
x_refsource_CONFIRM
GLSA-201710-22
vendor-advisory
x_refsource_GENTOO
101286
vdb-entry
x_refsource_BID
RHSA-2017:2899
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now