CVE-2017-11281

critical

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

References

Advisories
More

https://www.exploit-db.com/exploits/42782/

https://www.exploit-db.com/exploits/42781/

https://security.gentoo.org/glsa/201709-16

https://access.redhat.com/errata/RHSA-2017:2702

http://www.securitytracker.com/id/1039314

http://www.securityfocus.com/bid/100710

https://helpx.adobe.com/security/products/flash-player/apsb17-28.html

Details

Source: Mitre, NVD

Published: 2017-12-01

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.25181

Detections

Analytics