Vulnerability Name:

CVE-2017-3001 (CCN-122975)

Assigned:2016-12-02
Published:2017-03-14
Updated:2023-01-24
Summary:
CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2017-3001

Source: CCN
Type: RHSA-2017-0526
Critical: flash-plugin security update

Source: psirt@adobe.com
Type: Third Party Advisory
psirt@adobe.com

Source: CCN
Type: BID-96861
Adobe Flash Player APSB17-07 Multiple Use After Free Remote Code Execution Vulnerabilities

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com

Source: psirt@adobe.com
Type: Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.com

Source: XF
Type: UNKNOWN
adobe-flash-cve20173001-code-exec(122975)

Source: CCN
Type: Adobe Security Bulletin APSB17-07
Security updates available for Adobe Flash Player

Source: psirt@adobe.com
Type: Patch, Vendor Advisory
psirt@adobe.com

Source: psirt@adobe.com
Type: Third Party Advisory
psirt@adobe.com

Source: CCN
Type: ZDI-17-174
Adobe Flash AS2 RemoveClip Opcode Use-After-Free Remote Code Execution Vulnerability

Source: CCN
Type: ZDI-17-175
Adobe Flash TextFormat getTextExtent Use-After-Free Remote Code Execution Vulnerability

Source: CCN
Type: ZDI-17-176
Adobe Flash Sound loadSound Use-After-Free Remote Code Execution Vulnerability

Source: CCN
Type: ZDI-17-177
Adobe Flash BitmapData Use-After-Free Remote Code Execution Vulnerability

Source: CCN
Type: ZDI-17-178
Adobe Flash Transform matrix Use-After-Free Remote Code Execution Vulnerability

Source: CCN
Type: ZDI-17-179
Adobe Flash MovieClip transform Use-After-Free Remote Code Execution Vulnerability

Oval Definitions
Definition IDClassTitleLast Modified
oval:org.opensuse.security:def:20173001
V
CVE-2017-3001
2022-05-20
oval:org.opensuse.security:def:47215
P
bind-9.9.9P1-62.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:47279
P
gstreamer-plugins-good-1.8.3-15.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:47310
P
libX11-6-1.6.2-11.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:47069
P
libpython3_4m1_0-3.4.1-12.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:47381
P
libneon27-0.30.0-3.64 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:47153
P
socat-1.7.2.4-3.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:48019
P
git-core-2.12.3-27.17.2 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:48073
P
libXcursor1-1.1.14-4.6.1 on GA media (Moderate)
2021-08-16
oval:org.opensuse.security:def:55926
P
Security update for the Linux Kernel (Important)
2021-07-20
oval:org.opensuse.security:def:46485
P
libgssglue1-0.4-3.76 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11715
P
rtkit-0.11_git201205151338-8.17 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:46617
P
apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11761
P
at-3.1.14-7.3 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11685
P
pam_krb5-2.4.4-4.5 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:46708
P
libXt6-1.1.4-3.59 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11808
P
ft2demos-2.6.3-7.8.3 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:46855
P
tar-1.27.1-4.1 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11823
P
gpg2-2.0.24-3.2 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11984
P
patch-2.7.5-7.1 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11842
P
kdump-0.8.15-28.5 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11993
P
pidgin-otr-4.0.0-11.6 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11917
P
libnewt0_52-0.52.16-1.83 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:12006
P
radvd-1.9.7-2.17 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11942
P
libsoup-2_4-1-2.54.1-4.5 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:12644
P
libvorbis0-1.3.3-10.14.1 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:11693
P
perl-Tk-804.031-3.82 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:12666
P
mariadb-10.2.18-1.7 on GA media (Moderate)
2021-06-08
oval:org.opensuse.security:def:56000
P
Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)
2021-04-12
oval:org.opensuse.security:def:25232
P
Security update for sudo (Important)
2020-12-01
oval:org.opensuse.security:def:54531
P
libXxf86dga1 on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:46159
P
Security update for python-cffi, python-cryptography (Moderate)
2020-12-01
oval:org.opensuse.security:def:25087
P
Security update for strongswan (Important)
2020-12-01
oval:org.opensuse.security:def:53972
P
glib2-lang on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:25870
P
Security update for the Linux Kernel (Important)
2020-12-01
oval:org.opensuse.security:def:54569
P
liblzo2-2 on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:24475
P
Security update for xrdp (Important)
2020-12-01
oval:org.opensuse.security:def:54257
P
libdcerpc-binding0-32bit on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:25905
P
Security update for flash-player (Important)
2020-12-01
oval:org.opensuse.security:def:54650
P
perl-HTML-Parser on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:24538
P
Security update for sqlite3 (Moderate)
2020-12-01
oval:org.opensuse.security:def:53127
P
Security update for samba (Important)
2020-12-01
oval:org.opensuse.security:def:54365
P
python-imaging on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:24664
P
Security update for vim (Moderate)
2020-12-01
oval:org.opensuse.security:def:53149
P
Security update for ldb, samba (Important)
2020-12-01
oval:org.opensuse.security:def:24465
P
Security update for postgresql96 (Moderate)
2020-12-01
oval:org.opensuse.security:def:24745
P
Security update for perl-DBI (Important)
2020-12-01
oval:org.opensuse.security:def:53289
P
Security update for mariadb (Moderate)
2020-12-01
oval:org.opensuse.security:def:46160
P
Security update for spamassassin (Important)
2020-12-01
oval:org.opensuse.security:def:24801
P
Security update for postgresql96 (Important)
2020-12-01
oval:org.opensuse.security:def:53527
P
Security update for java-1_8_0-openjdk (Important)
2020-12-01
oval:org.opensuse.security:def:46173
P
Security update for bzip2 (Important)
2020-12-01
oval:org.opensuse.security:def:25174
P
Security update for tomcat (Important)
2020-12-01
oval:org.opensuse.security:def:53126
P
Security update for mercurial (Low)
2020-12-01
oval:org.opensuse.security:def:24884
P
Security update for java-1_8_0-ibm (Important)
2020-12-01
oval:org.opensuse.security:def:53700
P
Security update for gnutls (Moderate)
2020-12-01
oval:org.opensuse.security:def:46293
P
Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
2020-12-01
oval:org.opensuse.security:def:25188
P
Security update for texlive (Moderate)
2020-12-01
oval:org.opensuse.security:def:54457
P
ecryptfs-utils on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:25034
P
Security update for libgcrypt (Moderate)
2020-12-01
oval:org.opensuse.security:def:53806
P
Security update for dia (Moderate)
2020-12-01
oval:org.opensuse.security:def:78634
P
Security update for flash-player (Important)
2017-03-15
oval:com.ubuntu.precise:def:20173001000
V
CVE-2017-3001 on Ubuntu 12.04 LTS (precise) - high.
2017-03-14
oval:com.ubuntu.trusty:def:20173001000
V
CVE-2017-3001 on Ubuntu 14.04 LTS (trusty) - high.
2017-03-14
oval:com.ubuntu.xenial:def:20173001000
V
CVE-2017-3001 on Ubuntu 16.04 LTS (xenial) - high.
2017-03-14
BACK