| Summary: | <www-plugins/adobe-flash-27.0.0.170: Remote Code Execution (APSB17-32) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | desktop-misc, jer |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://helpx.adobe.com/security/products/flash-player/apsb17-32.html | ||
| Whiteboard: | A2 [glsa cve] | ||
| Package list: |
=www-plugins/adobe-flash-27.0.0.170
|
Runtime testing required: | --- |
|
Description
GLSAMaker/CVETool Bot
2017-10-16 15:56:55 UTC
From $URL: Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a critical type confusion vulnerability that could lead to code execution. Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows. Stable: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38fa8e04deabf1e822f2fd224e0c738ccac7ceee Cleanup: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=84e62a195fb087196ed15d847425dd147f85da0b New GLSA request filed. This issue was resolved and addressed in GLSA 201710-22 at https://security.gentoo.org/glsa/201710-22 by GLSA coordinator Aaron Bauman (b-man). |