ALT-PU-2017-3647-1 — adobe-flash-player

BDU:2017-00964

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-24Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-00965

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-24Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-00966

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-24Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-00967

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-24Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-00968

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-24Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-00974

CRITICAL9.3

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-27Modified: 2021-03-23

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-00975

CRITICAL9.3

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-04-27Modified: 2021-03-23

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-01512

CRITICAL10.0

Уязвимость функционала метаданных программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-06-30Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01513

CRITICAL10.0

Уязвимость SDK-функционала метаданных профиля медиапотока программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-06-30Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01577

CRITICAL10.0

Уязвимость класса LocaleID программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01578

CRITICAL10.0

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01579

CRITICAL10.0

Уязвимость компонента, отвечающего за внутреннее представление растровых данных, программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01580

CRITICAL10.0

Уязвимость модуля Adobe Texture Format (ATF) программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01581

CRITICAL10.0

Уязвимость анализатора PNG изображений программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01582

CRITICAL10.0

Уязвимость модуля MPEG-4 AVC программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01583

CRITICAL10.0

Уязвимость класса ActionsScript 2 XML программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Published: 2017-07-06Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2017-3058

HIGH7.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2017-3059

CRITICAL9.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3060

CRITICAL9.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3061

CRITICAL9.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3062

CRITICAL9.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3063

CRITICAL9.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3064

HIGH7.8

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.

Published: 2017-04-12Modified: 2025-04-20

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2017-3075

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3076

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3077

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3078

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3079

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3081

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3082

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3083

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-3084

CRITICAL9.8

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code execution.

Published: 2017-06-20Modified: 2025-04-20

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Package update adobe-flash-player in branch sisyphus

Closed issues (32)

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость функционала метаданных программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость SDK-функционала метаданных профиля медиапотока программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость класса LocaleID программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость модуля Adobe Texture Format (ATF) программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость анализатора PNG изображений программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость модуля MPEG-4 AVC программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Уязвимость класса ActionsScript 2 XML программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code execution.