Lucene search

K
cvelistAdobeCVELIST:CVE-2017-11225
HistoryDec 09, 2017 - 6:00 a.m.

CVE-2017-11225

2017-12-0906:00:00
adobe
www.cve.org

9.4 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.9%

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access – potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.

CNA Affected

[
  {
    "product": "Adobe Flash Player 27.0.0.183 and earlier versions",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Adobe Flash Player 27.0.0.183 and earlier versions"
      }
    ]
  }
]