Vulnerability Description
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 25.0.0.127 |
| Microsoft | Windows 10 | All versions |
| Microsoft | Windows 8.1 | All versions |
| Apple | Mac Os X | - |
| Chrome Os | - | |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97551Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038225
- https://access.redhat.com/errata/RHSA-2017:0934
- https://helpx.adobe.com/security/products/flash-player/apsb17-10.htmlVendor Advisory
- https://security.gentoo.org/glsa/201704-04
- http://www.zerodayinitiative.com/advisories/ZDI-17-246/Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/97551Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038225
- https://access.redhat.com/errata/RHSA-2017:0934
- https://helpx.adobe.com/security/products/flash-player/apsb17-10.htmlVendor Advisory
- https://security.gentoo.org/glsa/201704-04
FAQ
What is CVE-2017-3059?
CVE-2017-3059 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
How severe is CVE-2017-3059?
CVE-2017-3059 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-3059?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Microsoft Windows 10, Microsoft Windows 8.1, Apple Mac Os X, Google Chrome Os.