|CERT-In Vulnerability Note
Adobe Flash Player Remote code execution vulnerability
Original Issue Date:October 23, 2017
Severity Rating: HIGH
- Adobe Flash Player Desktop Runtime versions 220.127.116.11 and earlier for Windows, Macintosh and Linux
- Adobe Flash Player for Google Chrome versions 18.104.22.168 and earlier for Windows, Macintosh, Linux and Chrome OS
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 22.214.171.124 and earlier for Windows 10 and 8.1
A vulnerability has been reported in Adobe Flash Player that could allow a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper memory operations by the affected software which could trigger a type confusion error condition. A remote attacker could exploit this vulnerability by convincing a user to open or visit link that contains specially crafted Flash content.
Successful exploitation of the vulnerability could allow remote attacker to execute arbitrary code with the privileges of currently logged-in user or could take full control of the affected system.
Apply appropriate security updates as mentioned in the
Adobe Security Bulletin APSB17-32
The information provided herein is on "as is" basis, without warranty of any kind.
Email: firstname.lastname@example.org Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003