Lucene search
Tenable700058.PRMHistoryApr 17, 2017 - 12:00 a.m.
Flash Player < 25.0.0.148 Multiple RCE (APSB17-10)
2017-04-1700:00:00
Tenable
www.tenable.com
11
Versions of Adobe Flash Player prior to 25.0.0.148 are unpatched, and therefore affected by the following RCE vulnerabilities :
- A use-after-free error exists that is triggered when handling specially crafted ‘ByteArray’ objects. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-3058, CVE-2017-3059)
- A flaw exists that is triggered as certain input is not properly validated when parsing specially crafted SWF content. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-3060)
- A use-after-free error exists that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. No further details have been provided. (CVE-2017-3061, CVE-2017-3062, CVE-2017-3063)
- A flaw exists that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. No further details have been provided. (CVE-2017-3064)
Binary data 700058.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | flash_player | cpe:/a:adobe:flash_player |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3064
helpx.adobe.com/security/products/flash-player/apsb17-10.html
Related
redhatcve
redhatcve
nessus
nessus
RHEL 6 : flash-plugin (RHSA-2017:0934)
2017-04-13 00:00:00
KB4018483: Security update for Adobe Flash Player (April 2017)
2017-04-11 00:00:00
SUSE SLED12 Security Update : flash-player (SUSE-SU-2017:0990-1)
2017-04-13 00:00:00
suse
suse
Security update for flash-player (important)
2017-04-12 18:12:20
redhat
redhat
(RHSA-2017:0934) Critical: flash-plugin security update
2017-04-12 11:31:40
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0114)
2022-01-28 00:00:00
Adobe Flash Player Security Update (APSB17-10) - Windows
2017-04-12 00:00:00
mscve
mscve
April 2017 Adobe Flash Security Update
2017-04-11 07:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2017-04-27 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes security vulnerability
2017-04-21 10:24:22
kaspersky
kaspersky
KLA10993 Arbitrary code execution vulnerabilities in Adobe Flash Player
2017-04-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3059)
2017-04-24 00:00:00
Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3063)
2017-04-12 00:00:00
Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3060)
2017-04-23 00:00:00
prion
prion
Design/Logic Flaw
2017-04-12 14:59:00
Design/Logic Flaw
2017-04-12 14:59:00
Design/Logic Flaw
2017-04-12 14:59:00
ubuntucve
ubuntucve
cve
cve
zdi
zdi
cvelist
cvelist
zdt
zdt
Adobe Flash - Out-of-Bounds Read in Getting TextField Width Exploit
2017-05-17 00:00:00
Adobe Flash - Margin Handling Heap Corruption Exploit
2017-05-17 00:00:00
threatpost
threatpost
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
2017-04-11 14:58:55
trendmicroblog
trendmicroblog
Related for 700058.PRM