CVE-2017-11282

Publication date 1 December 2017

Last updated 25 August 2025


Ubuntu priority

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Status

Package Ubuntu Release Status
flashplugin-nonfree 17.04 zesty
Fixed 27.0.0.130ubuntu0.17.04.1
16.04 LTS xenial
Fixed 27.0.0.130ubuntu0.16.04.1
14.04 LTS trusty
Fixed 27.0.0.130ubuntu0.14.04.1

Severity score breakdown

CVSS version: CVSS v3.0

Base score 9.8 · Critical

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities