Vulnerabilities > CVE-2017-3075 - Use After Free vulnerability in Adobe Flash Player

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
adobe
CWE-416
critical
nessus

Summary

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.

Vulnerable Configurations

Part Description Count
Application
Adobe
462
OS
Microsoft
3
OS
Apple
1
OS
Google
1
OS
Linux
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_CD944B3F51F611E7B7B2001C25E46B1D.NASL
    descriptionAdobe reports : - These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084). - These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082).
    last seen2020-06-01
    modified2020-06-02
    plugin id100829
    published2017-06-16
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100829
    titleFreeBSD : Flash Player -- multiple vulnerabilities (cd944b3f-51f6-11e7-b7b2-001c25e46b1d)
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS17_JUN_4022730.NASL
    descriptionThe remote Windows host is missing security update KB4022730. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084) - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082)
    last seen2020-06-01
    modified2020-06-02
    plugin id100766
    published2017-06-13
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100766
    titleKB4022730: Security update for Adobe Flash Player (June 2017)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-1439.NASL
    descriptionAn update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 26.0.0.126. Security Fix(es) : * This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3081, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084)
    last seen2020-06-01
    modified2020-06-02
    plugin id100778
    published2017-06-14
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100778
    titleRHEL 6 : flash-plugin (RHSA-2017:1439)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201707-15.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201707-15 (Adobe Flash Player: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id101924
    published2017-07-24
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101924
    titleGLSA-201707-15 : Adobe Flash Player: Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FLASH_PLAYER_APSB17-17.NASL
    descriptionThe version of Adobe Flash Player installed on the remote macOS or Mac OS X host is equal or prior to version 25.0.0.171. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084) - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082)
    last seen2020-06-01
    modified2020-06-02
    plugin id100757
    published2017-06-13
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100757
    titleAdobe Flash Player for Mac <= 25.0.0.171 Multiple Vulnerabilities (APSB17-17)
  • NASL familyWindows
    NASL idFLASH_PLAYER_APSB17-17.NASL
    descriptionThe version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 25.0.0.171. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084) - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082)
    last seen2020-06-01
    modified2020-06-02
    plugin id100756
    published2017-06-13
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100756
    titleAdobe Flash Player <= 25.0.0.171 Multiple Vulnerabilities (APSB17-17)

Redhat

advisories
rhsa
idRHSA-2017:1439
rpmsflash-plugin-0:26.0.0.126-1.el6_9