CVE-2017-3076
CRITICALAdobe Flash Player <= 25.0.0.171 - Memory Corruption in MPEG-4 AVC Module
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-3076. PoCs published by Google Security Research.
AI-analyzed exploit summary This exploit triggers an out-of-bounds read vulnerability in AVC edge processing, leading to potential information leakage or denial of service. The PoC is provided as a binary file hosted on GitLab.
Description
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/42247
This exploit triggers an out-of-bounds read vulnerability in AVC edge processing, leading to potential information leakage or denial of service. The PoC is provided as a binary file hosted on GitLab.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
AVC edge processing (specific version not specified)
No auth needed
Prerequisites:
Access to the target system's AVC edge processing component
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99025
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038655
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/42247/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1439
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201707-15
Scores
CVSS v3
9.8
EPSS
0.2473
EPSS Percentile
97.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (2)
adobe/flash_player
< 25.0.0.171 (4 CPE variants)
n/a/Adobe Flash Player 25.0.0.171 and earlier.
Adobe Flash Player 25.0.0.171 and earlier.
Published
Jun 20, 2017
Tracked Since
Feb 18, 2026