Heap Overflow Vulnerability in Adobe Flash Player: Arbitrary Code Execution via MP4 Header Parsing

Heap Overflow Vulnerability in Adobe Flash Player: Arbitrary Code Execution via MP4 Header Parsing

CVE-2017-2992 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.