AVG-266

Package lib32-flashplugin
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 25.0.0.148-1
Fixed 25.0.0.171-1
Current 30.0.0.113-1 [multilib]
Ticket None
Created Tue May 9 18:31:17 2017
Issue Severity Remote Type Description
CVE-2017-3074 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the Graphics class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3073 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 25.0.0.171, when handling multiple mask properties of...
CVE-2017-3072 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the BitmapData class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3071 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player < 25.0.0.171, when masking display object.
CVE-2017-3070 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the ConvolutionFilter class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3069 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the BlendMode class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3068 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the Advanced Video Coding engine of Adobe Flash Player < 25.0.0.171.
Date Advisory Package Description
09 May 2017 ASA-201705-9 lib32-flashplugin arbitrary code execution
References
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html