CVE-2017-3086

CWE-119Buffer Overflow4 documents4 sources
Severity
9.8CRITICAL
EPSS
5.8%
top 9.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Shockwave Player
Timeline
PublishedJun 20
Latest updateMay 17

Description

Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe_shockwave_12.2.8.198_and_earlier.Adobe Shockwave 12.2.8.198 and earlier.
NVDadobe/shockwave_player12.2.8.198

🔴Vulnerability Details

2
GHSA
GHSA-6mqw-4pq7-h9fp: Adobe Shockwave versions 122022-05-17
CVEList
CVE-2017-3086: Adobe Shockwave versions 122017-06-20

📋Vendor Advisories

1
Apache
Apache hadoop: CVE-2017-15718
CVE-2017-3086 (CRITICAL CVSS 9.8) | Adobe Shockwave versions 12.2.8.198 | cvebase.io