VDB
CVE-2017-3073
CVE-2017-3073
PUBLISHED
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
EPSS 2.23% · 84.8th percentile
Risk Scores
EPSS Score
2.23%
84.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | flashplugin-nonfree | 0, 11.2.202.540ubuntu2, 11.2.202.548ubuntu1 |
| Ubuntu:14.04:LTS | flashplugin-nonfree | 11.2.202.440ubuntu0.14.04.1, 11.2.202.451ubuntu0.14.04.1, 11.2.202.457ubuntu0.14.04.1 |
Timeline
- May 9, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-3073 third-party-advisory
- https://helpx.adobe.com/security/products/flash-player/apsb17-15.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-3073 third-party-advisory