Vulnerability Description
An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Shockwave | <= 12.2.9.199 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101836Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039784Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/shockwave/apsb17-40.htmlVendor Advisory
- http://www.securityfocus.com/bid/101836Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039784Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/shockwave/apsb17-40.htmlVendor Advisory
FAQ
What is CVE-2017-11294?
CVE-2017-11294 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
How severe is CVE-2017-11294?
CVE-2017-11294 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-11294?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Shockwave, Microsoft Windows.