Adobe Flash Player Security Bypass Vulnerability in Internet Explorer
CVE-2017-3080

6.5MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Flash Player 26.0.0.131 And Earlier.
Vendor
CVE Published:
17 July 2017

Summary

Adobe Flash Player versions up to 26.0.0.131 are susceptible to a security bypass vulnerability that affects the Flash API utilized by Internet Explorer. If exploited, this vulnerability has the potential to enable unauthorized information disclosure, posing significant risks to user data security and privacy.

Affected Version(s)

Adobe Flash Player 26.0.0.131 and earlier. Adobe Flash Player 26.0.0.131 and earlier.

References

http://www.securityfocus.com/bid/99519
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038845
vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:1731
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.