CVE-2017-11292 - Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, whic

CVE-2017-11292

Summary

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.

References

Vulnerable Configurations

cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.137:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.137:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.151:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.151:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.130:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.130:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.159:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.159:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.120:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.120:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.137:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.137:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.130:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.130:*:*:*:*:edge:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.241:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:internet_explorer:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:internet_explorer:*:*
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:19.0.0.245:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.228:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:20.0.0.306:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.97:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.216:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.216:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:21.0.0.242:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.192:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:22.0.0.211:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.162:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.185:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.205:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.207:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.257:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:23.0.0.257:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.186:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.194:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:24.0.0.221:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.127:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.148:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.163:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.163:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:25.0.0.171:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.126:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.126:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.131:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.131:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.137:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.137:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:26.0.0.151:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.130:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.130:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.159:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:27.0.0.159:*:*:*:*:chrome:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 27-01-2023 - 19:24)
Impact:
Exploitability:

CWE

CWE-843

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:P/A:P

redhat via4

advisories

rhsa

id	RHSA-2017:2899

rpms

flash-plugin-0:27.0.0.170-1.el6_9

refmap via4

bid	101286
confirm	https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
gentoo	GLSA-201710-22
sectrack	1039582

Last major update

27-01-2023 - 19:24

Published

22-10-2017 - 19:29

Last modified

27-01-2023 - 19:24