AVG-208

Package flashplugin
Status Fixed
Severity Critical
Type multiple issues
Affected 24.0.0.221-1
Fixed 25.0.0.127-1
Current 28.0.0.161-1 [extra]
Ticket None
Created Tue Mar 14 18:57:05 2017
Issue Severity Remote Type Description
CVE-2017-3003 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3002 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3001 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3000 High Yes Information disclosure
A random number generator vulnerability used for constant blinding that could lead to information disclosure has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2999 Critical Yes Arbitrary code execution
A memory corruption vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2998 Critical Yes Arbitrary code execution
A memory corruption vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2997 Critical Yes Arbitrary code execution
A buffer overflow vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
Date Advisory Package Description
15 Mar 2017 ASA-201703-11 flashplugin multiple issues
References
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html