High severity8.8CISA KEVNVD Advisory· Published Oct 22, 2017· Updated Jun 17, 2026
CVE-2017-11292
CVE-2017-11292
Description
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*+ 3 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*range: <=27.0.0.159
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*range: <=27.0.0.130
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*range: <=27.0.0.130
- (no CPE)range: <=27.0.0.159
- cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*Range: <=27.0.0.159
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- helpx.adobe.com/security/products/flash-player/apsb17-32.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/101286nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039582nvdBroken LinkThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:2899nvdThird Party Advisory
- security.gentoo.org/glsa/201710-22nvdThird Party Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.