Memory corruption in Adobe Flash Player - CVE-2017-3100
Published: July 11, 2017 / Updated: July 12, 2017
Vulnerability identifier: #VU7395
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-3100
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Adobe
Affected software:
Adobe Flash Player
Adobe Flash Player
Detailed vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to boundary error when handling malicious content. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and gain access to memory address.
Successful exploitation of the vulnerability may result in information disclosure.
The weakness exists due to boundary error when handling malicious content. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and gain access to memory address.
Successful exploitation of the vulnerability may result in information disclosure.
How to mitigate CVE-2017-3100
Update to version 26.0.0.137.