Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
CVSS Details
- CVSS 3.1 Base Score: 8.8
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Arch Linux | arch-linux-upgrade-latest | Jul 11, 2025 | Oct 21, 2017 | |
| Centos_linux | — | centos-upgrade-flash-plugin | Aug 28, 2019 | Oct 22, 2017 |
| Flash_player | — | adobe-flash-upgrade-27-0-0-170-linuxadobe-flash-upgrade-27-0-0-170-macosxadobe-flash-upgrade-27-0-0-170-windows | Nov 14, 2017 | Oct 16, 2017 |
| Freebsd | freebsd-upgrade-package-linux-flashplayer | Oct 17, 2017 | Oct 17, 2017 | |
| Gentoo Linux | gentoo-linux-upgrade-www-plugins-adobe-flash | Oct 30, 2017 | Oct 22, 2017 | |
| Msft | msft-kb4049179-0649e791-5f48-4d1a-a4fc-8972d627c837msft-kb4049179-0826b980-3c38-4a7d-83a0-e19e6b09b181msft-kb4049179-10b2c2dc-bd69-4bf5-a460-30fa61307a21msft-kb4049179-1144fe12-51f2-4905-82a5-ed58f53cb283msft-kb4049179-1b6d2f14-9741-4095-a232-1e9da672e1a3msft-kb4049179-20f85046-18da-4510-95ca-6a8072191c47msft-kb4049179-3d6c6c64-31f7-4c80-a5f6-99636795cf9emsft-kb4049179-4565c62d-4387-430a-bfbe-2075fc3fd1camsft-kb4049179-582c168d-5dee-4028-94b7-5d10d00ed7e1msft-kb4049179-62012bb7-1402-4177-a3cd-93b89d2537damsft-kb4049179-8d45fed6-ab4f-4e49-b586-383dcba7b9camsft-kb4049179-a38e9a3b-0bec-48db-b09f-5f8c8a33c9f0msft-kb4049179-b0ff0866-9cce-4ad0-a247-149ea7db5e61msft-kb4049179-b27f238b-e5b7-41ae-ab9c-5afb206b2a01msft-kb4049179-c8354e86-cb76-4f58-92a7-57cab8c41136msft-kb4049179-eefca5a7-c6b4-4e6d-a742-1012a960d4f7msft-kb4049179-f164799b-ac29-433b-8093-f65097b3b919 | Oct 18, 2017 | Oct 18, 2017 | |
| Redhat_linux | — | redhat-upgrade-flash-plugin | Oct 25, 2017 | Oct 16, 2017 |
| Ubuntu | ubuntu-upgrade-adobe-flashpluginubuntu-upgrade-flashplugin-nonfree | Nov 19, 2024 | Oct 22, 2017 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub