Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiYuki Chen of Qihoo 360 Vulcan TeamZDI-17-278
HistoryApr 11, 2017 - 12:00 a.m.

(Pwn2Own) Adobe Flash TextField Attribute Array Use-After-Free Remote Code Execution Vulnerability

2017-04-1100:00:00
Yuki Chen of Qihoo 360 Vulcan Team
www.zerodayinitiative.com
12

EPSS

0.029

Percentile

90.9%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the attribute arrays. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.

Related

prion 1
checkpoint_advisories 1
cve 1
ubuntucve 1
nvd 1
cvelist 1
redhatcve 7
nessus 7
suse 1
redhat 1
openvas 8
threatpost 1
mscve 1
kaspersky 1
mageia 1
gentoo 1
trendmicroblog 1
prion
prion
Design/Logic Flaw
2017-04-12 14:59:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3062)
2017-04-12 00:00:00
cve
cve
CVE-2017-3062
2017-04-12 14:59:03
ubuntucve
ubuntucve
CVE-2017-3062
2017-04-12 00:00:00
nvd
nvd
CVE-2017-3062
2017-04-12 14:59:03
cvelist
cvelist
CVE-2017-3062
2017-04-12 14:00:00
redhatcve
redhatcve
CVE-2017-3061
2017-04-11 16:18:33
CVE-2017-3062
2017-04-11 16:18:16
CVE-2017-3058
2017-04-11 16:18:46
nessus
nessus
RHEL 6 : flash-plugin (RHSA-2017:0934)
2017-04-13 00:00:00
KB4018483: Security update for Adobe Flash Player (April 2017)
2017-04-11 00:00:00
Flash Player < 25.0.0.148 Multiple RCE (APSB17-10)
2017-04-17 00:00:00
suse
suse
Security update for flash-player (important)
2017-04-12 18:12:20
redhat
redhat
(RHSA-2017:0934) Critical: flash-plugin security update
2017-04-12 11:31:40
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0114)
2022-01-28 00:00:00
Adobe Flash Player Security Update (APSB17-10) - Windows
2017-04-12 00:00:00
Adobe Flash Player Within Google Chrome Security Update (APSB17-07) - Mac OS X
2017-04-12 00:00:00
threatpost
threatpost
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
2017-04-11 14:58:55
mscve
mscve
April 2017 Adobe Flash Security Update
2017-04-11 07:00:00
kaspersky
kaspersky
KLA10993 Arbitrary code execution vulnerabilities in Adobe Flash Player
2017-04-11 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes security vulnerability
2017-04-21 10:24:22
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2017-04-27 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 17, 2017
2017-04-21 18:23:45

EPSS

0.029

Percentile

90.9%

JSON
Related for ZDI-17-278
prion1checkpoint_advisories1cve1ubuntucve1nvd1cvelist1redhatcve7nessus7suse1redhat1openvas8threatpost1mscve1kaspersky1mageia1gentoo1trendmicroblog1