CVE-2017-2985
published 2017-02-15CVE-2017-2985: Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EXPLOIT
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | <= 24.0.0.194 | — |
| adobe | flash_player_desktop_runtime | <= 24.0.0.194 | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH