Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-11282Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Flash Player

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer13 documents9 sources
Severity
9.8CRITICALNVD
EPSS
20.7%
top 4.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
Adobe Flash PlayerRedhat Enterprise Linux DesktopRedhat Enterprise Linux Server+1 more
Timeline
PublishedDec 1
Latest updateMay 13

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDadobe/flash_player26.0.0.151

🔴Vulnerability Details

3
GHSA
GHSA-vq94-9f8p-793h: Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser2022-05-13
OSV
CVE-2017-11282: Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser2017-12-01
CVEList
CVE-2017-11282: Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser2017-12-01

💥Exploits & PoCs

1
Exploit-DB
Adobe Flash - Out-of-Bounds Read in applyToRange2017-09-25

📋Vendor Advisories

1
Red Hat
flash-plugin: multiple code execution issues fixed in APSB17-282017-09-12

🕵️Threat Intelligence

6
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13

💬Community

1
Bugzilla
CVE-2017-11281 CVE-2017-11282 flash-plugin: multiple code execution issues fixed in APSB17-282017-09-13