High severity8.8NVD Advisory· Published Feb 15, 2017· Updated Jun 17, 2026
CVE-2017-2985
CVE-2017-2985
Description
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*+ 2 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*range: <=24.0.0.194
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*range: <=24.0.0.194
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*range: <=24.0.0.194
- cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*Range: <=24.0.0.194
- osv-coords2 versionspkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1
< 24.0.0.221-158.1+ 1 more
- (no CPE)range: < 24.0.0.221-158.1
- (no CPE)range: < 24.0.0.221-158.1
Patches
Vulnerability mechanics
References
6- helpx.adobe.com/security/products/flash-player/apsb17-04.htmlnvdPatchVendor Advisory
- www.exploit-db.com/exploits/41422/nvdExploitThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2017-0275.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/96199nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037815nvdBroken LinkThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201702-20nvdThird Party Advisory
News mentions
0No linked articles in our index yet.