Flash Player < 184.108.40.206 Multiple RCE (APSB17-15)
Critical Nessus Network Monitor Plugin ID 700091
SynopsisThe remote host is running an outdated version of Adobe Flash Player that is affected by multiple Remote Code Execution (RCE) attack vectors.
DescriptionVersions of Adobe Flash Player prior to 220.127.116.11 are unpatched, and therefore affected by the following RCE vulnerabilities :
- A use-after-free error exists that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3071)
- Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074)
SolutionUpgrade to Adobe Flash Player version 18.104.22.168 or later.