Vulnerability Description
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 25.0.0.171 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99023Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038655
- https://access.redhat.com/errata/RHSA-2017:1439
- https://helpx.adobe.com/security/products/flash-player/apsb17-17.htmlVendor Advisory
- https://security.gentoo.org/glsa/201707-15
- http://www.securityfocus.com/bid/99023Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038655
- https://access.redhat.com/errata/RHSA-2017:1439
- https://helpx.adobe.com/security/products/flash-player/apsb17-17.htmlVendor Advisory
- https://security.gentoo.org/glsa/201707-15
FAQ
What is CVE-2017-3083?
CVE-2017-3083 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful e...
How severe is CVE-2017-3083?
CVE-2017-3083 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-3083?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player.