Vulnerability Description
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 25.0.0.127 |
| Microsoft | Windows 10 | All versions |
| Microsoft | Windows 8.1 | All versions |
| Apple | Mac Os X | - |
| Chrome Os | - | |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97551Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038225
- https://access.redhat.com/errata/RHSA-2017:0934
- https://helpx.adobe.com/security/products/flash-player/apsb17-10.htmlVendor Advisory
- https://security.gentoo.org/glsa/201704-04
- http://www.zerodayinitiative.com/advisories/ZDI-17-245/Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/97551Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038225
- https://access.redhat.com/errata/RHSA-2017:0934
- https://helpx.adobe.com/security/products/flash-player/apsb17-10.htmlVendor Advisory
- https://security.gentoo.org/glsa/201704-04
FAQ
What is CVE-2017-3058?
CVE-2017-3058 is a vulnerability with a CVSS score of 7.8 (HIGH). Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
How severe is CVE-2017-3058?
CVE-2017-3058 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3058?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Microsoft Windows 10, Microsoft Windows 8.1, Apple Mac Os X, Google Chrome Os.