English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA11103
Multiple arbitrary code execution vulnerabilities in Adobe Flash Player
|
Detect date
?
|
09/12/2017 |
|
Severity
?
|
Critical |
|
Description
|
Multiple serious memory corruption vulnerabilities have been found in Adobe Flash Player versions earlier than 27.0.0.130. Malicious users can exploit these vulnerabilities to execute arbitrary code. NB: These vulnerabilities does not have any public CVSS ratings, so overall rating can be changed by the time. NB: At this moment Adobe has just reserved CVE numbers for these vulnerabilities. Information can be changed soon. Technical details To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel |
|
Affected products
|
Adobe Flash Player versions earlier than 27.0.0.130 |
|
Solution
|
Update to the latest version |
|
Original advisories
|
|
|
Impacts
?
|
ACE [?] XSS/CSS [?] |
|
Related products
|
Adobe Flash Player ActiveX Adobe Flash Player NPAPI Adobe Flash Player PPAPI |
|
CVE-IDS
?
|
|
|
Exploitation
|
The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/42782 https://www.exploit-db.com/exploits/42781 https://www.exploit-db.com/exploits/42783 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
| Find out the statistics of the vulnerabilities spreading in your region |