Critical severity9.8NVD Advisory· Published Dec 9, 2017· Updated May 13, 2026

CVE-2017-11215

Description

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/flash-player/apsb17-33.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/101837nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039778nvdThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2017:3222nvdThird Party AdvisoryVDB Entry
security.gentoo.org/glsa/201711-13nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000