Multiple vulnerabilities in Microsoft implementation of Adobe Flash Player
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2017-2931 CVE-2017-2930 CVE-2017-2928 CVE-2017-2926 CVE-2017-2925 CVE-2017-2935 CVE-2017-2934 CVE-2017-2933 CVE-2017-2927 CVE-2017-2937 CVE-2017-2936 CVE-2017-2932 |
| CWE-ID | CWE-125 CWE-119 CWE-122 CWE-416 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #6 is available. Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #8 is available. Public exploit code for vulnerability #12 is available. |
| Vulnerable software Subscribe |
Windows RT Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system Windows Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Memory corruption
EUVDB-ID: #VU4100
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2931
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Memory corruption
EUVDB-ID: #VU4099
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2930
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Memory corruption
EUVDB-ID: #VU4098
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2928
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption
EUVDB-ID: #VU4097
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2926
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory corruption
EUVDB-ID: #VU4096
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2925
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU4095
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2935
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing AVC header slicing within .swf files. A remote attacker can create a specially crafted. flv file, trick the victim into opening it using Flash Player, cause heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Heap-based buffer overflow
EUVDB-ID: #VU4094
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2934
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when decompressing planar block within .swf files. A remote attacker can create a specially crafted. atf file, trick the victim into opening it using Flash Player, cause heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
8) Heap-based buffer overflow
EUVDB-ID: #VU4093
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2933
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing thumbnails within .swf files. A remote attacker can create a specially crafted.thumbnail, trick the victim into opening it using Flash Player, cause heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
9) Heap-based buffer overflow
EUVDB-ID: #VU4092
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2927
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Use-after-free error
EUVDB-ID: #VU4091
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2937
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free error
EUVDB-ID: #VU4090
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2936
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free error
EUVDB-ID: #VU4089
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-2932
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error when processing .swf files. A remote attacker can create a specially crafted. swf file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://technet.microsoft.com/en-us/library/security/ms17-003.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
