| VID |
50134 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 27.0.0.159. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing specially crafted Flash content, to trigger the vulnerability and potentially execute arbitrary code.
* References:
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
https://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html
* Platforms Affected:
Adobe Flash Player equal or prior to 27.0.0.159
Apple Mac OS X Any version
Linux Any version
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Adobe Flash Player (27.0.0.159 later), available from the Adobe Web site at http://get.adobe.com/flashplayer/ |
| Related URL |
CVE-2017-11292 (CVE) |
| Related URL |
101286 (SecurityFocus) |
| Related URL |
(ISS) |
|
