CVE-2017-3073: Use After Free

First published: Tue May 09 2017(Updated: )

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.

Credit: psirt@adobe.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• collector/mitre-cve
• source/MITRE
• agent/remedy
• agent/weakness
• agent/references
• agent/severity
• agent/last-modified-date
• agent/author
• agent/first-publish-date
• agent/description
• agent/event
• agent/source
• agent/tags
• agent/softwarecombine
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/adobe
• canonical/adobe flash player
• version/adobe flash player/25.0.0.163
• vendor/apple
• canonical/apple mac os x
• canonical/adobe flash player for internet explorer 11
• version/adobe flash player for internet explorer 11/25.0.0.148
• vendor/microsoft
• canonical/microsoft windows 10
• canonical/microsoft windows 8.1
• vendor/google
• canonical/google chrome os
• vendor/linux
• canonical/linux kernel
• canonical/microsoft windows
• version/adobe flash player/25.0.0.148
• vendor/redhat
• canonical/red hat enterprise linux
• version/red hat enterprise linux/6.0
• canonical/redhat enterprise linux desktop
• version/redhat enterprise linux desktop/6.0
• canonical/redhat enterprise linux workstation
• version/redhat enterprise linux workstation/6.0