First published: Tue May 09 2017(Updated: )
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Flash Player | <=25.0.0.163 | |
Apple iOS and macOS | ||
Macromedia Flash Player | <=25.0.0.148 | |
Macromedia Flash Player | <=25.0.0.148 | |
Microsoft Windows 10 | ||
Microsoft Windows 8.1 | ||
Macromedia Flash Player | <=25.0.0.148 | |
Chrome OS | ||
Linux Kernel | ||
Microsoft Windows | ||
Adobe Flash Player | <=25.0.0.148 | |
Red Hat Enterprise Linux | =6.0 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Workstation | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-3074 is considered a critical vulnerability due to its potential for arbitrary code execution.
To fix CVE-2017-3074, upgrade Adobe Flash Player to version 25.0.0.163 or later.
CVE-2017-3074 affects Adobe Flash Player versions 25.0.0.148 and earlier.
CVE-2017-3074 can be exploited to execute arbitrary code on the affected system.
No, macOS is not vulnerable to CVE-2017-3074 if it does not run the affected versions of Adobe Flash Player.