CVE-2017-11282

CVE Database · CVE-2017-11282

CVE-2017-11282

· N/AModified

CVSS v3.1

N/A

EPSS

34.85%

Published

Dec 1, 2017

Modified

May 12, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAdobe Flash - Out-of-Bounds Read in applyToRange TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Weaknesses (CWE)

CWE-119

Affected Products (16)

adobe · flash_playervulnerable

apple · macos

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

apple · macos

google · chrome_os

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

microsoft · windows_10

· windows_8.1

References (18)

http://packetstormsecurity.com/files/144332/Adobe-Flash-appleToRange-Out-Of-Bounds-Read.html

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/100716

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039314

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2017:2702

Third Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=1323

Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsb17-28.html

KEV Catalog EPSS Scores Vendors All CVEs