CVE-2017-3083

Publication date 20 June 2017

Last updated 25 August 2025


Ubuntu priority

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.

Status

Package Ubuntu Release Status
adobe-flashplugin 17.04 zesty
Fixed 1:20170613.2-0ubuntu0.17.04.1
16.10 yakkety
Fixed 1:20170613.2-0ubuntu0.16.10.1
16.04 LTS xenial
Fixed 1:20170613.2-0ubuntu0.16.04.1
14.04 LTS trusty
Fixed 1:20170613.2-0ubuntu0.14.04.1
flashplugin-nonfree 17.04 zesty
Fixed 26.0.0.126ubuntu0.17.04.1
16.10 yakkety
Fixed 26.0.0.126ubuntu0.16.10.1
16.04 LTS xenial
Fixed 26.0.0.126ubuntu0.16.04.1
14.04 LTS trusty
Fixed 26.0.0.126ubuntu0.14.04.1

Severity score breakdown

CVSS version: CVSS v3.0

Base score 9.8 · Critical

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities