CVE-2017-3072

Опубликовано: 09 мая 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 9.3

CVSS3: 8.8

Описание

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

Релиз	Статус	Примечание
devel	released	1:20170509.1-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1:20170509.1-0ubuntu0.14.04.1]]
precise/esm	DNE
trusty	released	1:20170509.1-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [1:20170509.1-0ubuntu0.14.04.1]
upstream	needs-triage
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	1:20170509.1-0ubuntu0.16.04.1
yakkety	released	1:20170509.1-0ubuntu0.16.10.1

Показывать по

Релиз	Статус	Примечание
devel	released	25.0.0.171ubuntu1
esm-apps/xenial	released	25.0.0.171ubuntu0.16.04.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [25.0.0.171ubuntu0.14.04.1]]
precise/esm	DNE
trusty	released	25.0.0.171ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [25.0.0.171ubuntu0.14.04.1]
upstream	needs-triage
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	25.0.0.171ubuntu0.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%

0.02018

Низкий

9.3 Critical

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2017-3072

CVSS3: 8.8

redhat

больше 8 лет назад

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3072

CVSS3: 8.8

nvd

больше 8 лет назад

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

GHSA-mfj9-rqfm-mcvg

CVSS3: 9.8

github

больше 3 лет назад

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

BDU:2017-01203

fstec

больше 8 лет назад

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

SUSE-SU-2017:1238-1

suse-cvrf

больше 8 лет назад

Security update for flash-player

EPSS

Процентиль: 83%

0.02018

Низкий

9.3 Critical

CVSS2

8.8 High

CVSS3

CVE-2017-3072

Описание

Пакет adobe-flashplugin

Пакет flashplugin-nonfree

Ссылки на источники

Связанные уязвимости