Critical severity9.8NVD Advisory· Published Dec 9, 2017· Updated Jun 17, 2026
CVE-2017-11213
CVE-2017-11213
Description
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized transparent or opaque bitmap image. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9<=27.0.0.183+ 5 more
- (no CPE)range: <=27.0.0.183
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=27.0.0.183
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*range: <=27.0.0.183
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*range: <=27.0.0.183
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:intenet_explorer_11:*:*range: <=27.0.0.183
- (no CPE)range: <=27.0.0.183
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- helpx.adobe.com/security/products/flash-player/apsb17-33.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/101837nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039778nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:3222nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201711-13nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.