CVE-2017-11281

CRITICAL

Adobe Flash Player < 26.0.0.151 - Memory Corruption

Title source: rule

Description

Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/42782
exploitdb WORKING POC VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/42781

References (8)

Scores

CVSS v3 9.8
EPSS 0.6093
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (5)
adobe/flash_player < 26.0.0.151 (4 CPE variants)
n/a/Adobe Flash Player 26.0.0.151 and earlier versions Adobe Flash Player 26.0.0.151 and earlier versions
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_workstation 6.0
Published Dec 01, 2017
Tracked Since Feb 18, 2026