ID CVE-2017-3099
Summary Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:26.0.0.120:*:*:*:*:edge:*:*
    cpe:2.3:a:adobe:flash_player:26.0.0.120:*:*:*:*:edge:*:*
  • cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:internet_explorer:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:internet_explorer:*:*
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.216:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.216:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:23.0.0.257:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:23.0.0.257:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.163:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.163:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:26.0.0.126:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:26.0.0.126:*:*:*:*:chrome:*:*
  • cpe:2.3:a:adobe:flash_player:26.0.0.131:*:*:*:*:chrome:*:*
    cpe:2.3:a:adobe:flash_player:26.0.0.131:*:*:*:*:chrome:*:*
  • cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
    cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 30-01-2023 - 15:01)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2017:1731
rpms flash-plugin-0:26.0.0.137-1.el6_9
refmap via4
bid 99520
gentoo GLSA-201707-15
misc https://helpx.adobe.com/security/products/flash-player/apsb17-21.html
sectrack 1038845
Last major update 30-01-2023 - 15:01
Published 17-07-2017 - 13:18
Last modified 30-01-2023 - 15:01
Back to Top