AVG-135 log

Package flashplugin
Status Fixed
Severity Critical
Type multiple issues
Affected 24.0.0.186-1
Fixed 24.0.0.194-1
Current Removed
Ticket None
Created Thu Jan 12 23:12:20 2017
Issue Severity Remote Type Description
CVE-2017-2938 High Yes Information disclosure
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
CVE-2017-2937 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using...
CVE-2017-2936 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class.
CVE-2017-2935 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format.
CVE-2017-2934 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files.
CVE-2017-2933 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression.
CVE-2017-2932 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class.
CVE-2017-2931 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata.
CVE-2017-2930 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a...
CVE-2017-2928 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects.
CVE-2017-2927 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files.
CVE-2017-2926 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files.
CVE-2017-2925 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec.
Date Advisory Package Type
12 Jan 2017 ASA-201701-16 flashplugin multiple issues