CVE-2017-3106

Related Files

Gentoo Linux Security Advisory 201709-16

Posted Sep 24, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-16 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 27.0.0.130-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2017-11281, CVE-2017-11282, CVE-2017-3085, CVE-2017-3106

SHA-256 | 1f1f846175f0899cf7579a530d3a0f6ba45337a805744b1f2ee7bd01546c7dbc

Download | Favorite | View

Adobe Flash Invoke Accesses Trait Out-Of-Bounds

Posted Aug 17, 2017

Authored by Google Security Research, natashenka

The included proof of concept file causes the traits of an ActionScript object to be accessed out of bounds in Adobe Flash. This can probably lead to exploitable type confusion.

tags | exploit, proof of concept

advisories | CVE-2017-3106

SHA-256 | 3405d594903c387601f7c35a33eb5e51b9377962f2e626207f38421835a61d78

Download | Favorite | View

Red Hat Security Advisory 2017-2457-01

Posted Aug 10, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2457-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 26.0.0.151. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability

systems | linux, redhat

advisories | CVE-2017-3085, CVE-2017-3106

SHA-256 | bc261cc226330a0e53b449833017b1d1ad3992238aed0ef8134477caa856ae2a

Download | Favorite | View