CVE - CVE-2017-11225

CVE-ID
CVE-2017-11225	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://helpx.adobe.com/security/products/flash-player/apsb17-33.html GENTOO:GLSA-201711-13 URL:https://security.gentoo.org/glsa/201711-13 REDHAT:RHSA-2017:3222 URL:https://access.redhat.com/errata/RHSA-2017:3222 BID:101837 URL:http://www.securityfocus.com/bid/101837 SECTRACK:1039778 URL:http://www.securitytracker.com/id/1039778
Assigning CNA
Adobe Systems Incorporated
Date Entry Created
20170713	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20170713)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org