The vulnerabilities resolved by the updates affect Windows, Linux, Chrome OS, and Mac operating systems that run Flash Versions 24.0.0.221 and earlier. The affected software version includes version (and earlier) of the desktop runtime (priority rating 1), AFP for Google Chrome (priority rating 1), as well as the flash player compatible with Microsoft Edge (priority rating 1) and Internet Explorer. CVE-2017-3001, 3002, and 3003 are use-after-free vulnerabilities that can enable code execution.They were found in the Action Script 2 VM garbage collection, Flash Action Script 2 Text Field Object, as well as in interaction between Action Script 2 Camera Object and the privacy user interface.These security flaws were reported by Qihoo 360 Vulcan Team’s Yuki Chen. ![]() It was reported by Wang Chenyu and Wu Hongjun. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |