Memory Corruption Vulnerability in Adobe Flash Player
CVE-2017-3100

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Flash Player 26.0.0.131 And Earlier.
Vendor: CVE Published:; 17 July 2017

Summary

Adobe Flash Player versions 26.0.0.131 and earlier are susceptible to a memory corruption vulnerability within the Action Script 2 BitmapData class. An attacker could exploit this vulnerability to disclose memory addresses, potentially leveraging the information for further attacks.

Affected Version(s)

Adobe Flash Player 26.0.0.131 and earlier. Adobe Flash Player 26.0.0.131 and earlier.

References

http://www.securitytracker.com/id/1038845

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/99523

vdb-entryx_refsource_BID

https://access.redhat.com/errata/RHSA-2017:1731

vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2017
Vulnerability Reserved
Dec 2, 2016

.