Vulnerability Description
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 25.0.0.171 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99023Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038655
- https://access.redhat.com/errata/RHSA-2017:1439
- https://helpx.adobe.com/security/products/flash-player/apsb17-17.htmlVendor Advisory
- https://security.gentoo.org/glsa/201707-15
- http://www.securityfocus.com/bid/99023Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038655
- https://access.redhat.com/errata/RHSA-2017:1439
- https://helpx.adobe.com/security/products/flash-player/apsb17-17.htmlVendor Advisory
- https://security.gentoo.org/glsa/201707-15
FAQ
What is CVE-2017-3084?
CVE-2017-3084 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code exec...
How severe is CVE-2017-3084?
CVE-2017-3084 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-3084?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player.