1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
Candidate: CVE-2017-2995
PublicDate: 2017-02-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2995
https://helpx.adobe.com/security/products/flash-player/apsb17-04.html
Description:
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type
confusion vulnerability related to the MessageChannel class. Successful
exploitation could lead to arbitrary code execution.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chriscoulson
Patches_flashplugin-nonfree:
upstream_flashplugin-nonfree: needs-triage
precise_flashplugin-nonfree: released (24.0.0.221ubuntu0.12.04.1)
trusty_flashplugin-nonfree: released (24.0.0.221ubuntu0.14.04.1)
vivid/ubuntu-core_flashplugin-nonfree: DNE
vivid/stable-phone-overlay_flashplugin-nonfree: DNE
xenial_flashplugin-nonfree: released (24.0.0.221ubuntu0.16.04.1)
yakkety_flashplugin-nonfree: released (24.0.0.221ubuntu0.16.10.1)
devel_flashplugin-nonfree: released (24.0.0.221ubuntu1)
Patches_adobe-flashplugin:
upstream_adobe-flashplugin: needs-triage
precise_adobe-flashplugin: released (1:20170214.1-0ubuntu0.12.04.1)
trusty_adobe-flashplugin: released (1:20170214.1-0ubuntu0.14.04.1)
vivid/ubuntu-core_adobe-flashplugin: DNE
vivid/stable-phone-overlay_adobe-flashplugin: DNE
xenial_adobe-flashplugin: released (1:20170214.1-0ubuntu0.16.04.1)
yakkety_adobe-flashplugin: released (1:20170214.1-0ubuntu0.16.10.1)
devel_adobe-flashplugin: released (1:20170214.1-0ubuntu1)
|