Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 634456 (CVE-2017-11292) - <www-plugins/adobe-flash- Remote Code Execution (APSB17-32)
Summary: <www-plugins/adobe-flash- Remote Code Execution (APSB17-32)
Alias: CVE-2017-11292
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
Whiteboard: A2 [glsa cve]
Depends on:
Reported: 2017-10-16 15:56 UTC by GLSAMaker/CVETool Bot
Modified: 2017-10-22 00:28 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-16 15:56:55 UTC
Incoming details
Comment 1 Thomas Deutschmann gentoo-dev 2017-10-16 16:02:21 UTC
From $URL:

Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a critical type confusion vulnerability that could lead to code execution.

Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-10-22 00:28:41 UTC
This issue was resolved and addressed in
 GLSA 201710-22 at
by GLSA coordinator Aaron Bauman (b-man).