CVE-2017-3068 — Vulnetix

CVE-2017-3068 PUBLISHED

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

EPSS 68.46% · 98.6th percentile

Risk Scores

EPSS Score

68.46%

98.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	flashplugin-nonfree	0, 11.2.202.310ubuntu1, 11.2.202.327ubuntu0.13.10.1
Ubuntu:16.04:LTS	flashplugin-nonfree	0, 11.2.202.548ubuntu1, 11.2.202.559ubuntu1

Exploit Intelligence

https://www.exploit-db.com/exploits/42017/ (nist-nvd)
Adobe Flash - AVC Deblocking Out-of-Bounds Read Exploit (0day-today)
Adobe Flash - AVC Deblocking Out-of-Bounds Read Exploit (0day-today)

Timeline

May 9, 2017 CVE Published
May 17, 2017 PoC Published
Apr 14, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 4, 2022 EPSS Score
May 2, 2022 EPSS Score
Sep 5, 2022 EPSS Score
Jan 8, 2023 EPSS Score
Mar 11, 2023 EPSS Score
Mar 19, 2023 EPSS Score
May 8, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2017-3068 third-party-advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3069 third-party-advisory
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2017-3068 third-party-advisory

Open in Interactive Console →