CVE-2017-3081

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.

Published: Jun 20, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-3081
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
adobe / flash_player	-	25.0.0.171.x

http://www.securityfocus.com/bid/99023
http://www.securitytracker.com/id/1038655
https://access.redhat.com/errata/RHSA-2017:1439
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html
https://security.gentoo.org/glsa/201707-15

Vulnerability Database

289,697

CVE-2017-3081