CVE-2017-3114
First published: Sat Dec 09 2017(Updated: )
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific functionality. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| Adobe Flash Player for Internet Explorer 11 | <=27.0.0.183 | |
| Apple macOS | ||
| Linux Kernel | ||
| Microsoft Windows | ||
| Adobe Flash Player for Internet Explorer 11 | <=27.0.0.183 | |
| Google Chrome OS | ||
| Adobe Flash Player for Internet Explorer 11 | <=27.0.0.183 | |
| Adobe Flash Player for Internet Explorer 11 | <=27.0.0.183 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue in Adobe Flash Player?
The vulnerability ID of this issue in Adobe Flash Player is CVE-2017-3114.
What is the severity level of CVE-2017-3114?
CVE-2017-3114 has a severity level of 9.8 (Critical).
Which software versions are affected by CVE-2017-3114?
CVE-2017-3114 affects Adobe Flash Player versions up to and including 27.0.0.183.
How does CVE-2017-3114 impact Redhat Enterprise Linux?
CVE-2017-3114 affects Redhat Enterprise Linux Desktop, Server, and Workstation versions 6.0.
Where can I find more information about CVE-2017-3114?
More information about CVE-2017-3114 can be found at the following references: [SecurityFocus](http://www.securityfocus.com/bid/101837), [SecurityTracker](http://www.securitytracker.com/id/1039778), [Red Hat Security Advisory](https://access.redhat.com/errata/RHSA-2017:3222).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/adobe
- canonical/adobe flash player for internet explorer 11
- version/adobe flash player for internet explorer 11/27.0.0.183
- vendor/apple
- canonical/apple macos
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows
- vendor/google
- canonical/google chrome os
- canonical/microsoft windows 10
- canonical/microsoft windows 8.1