Type Confusion Vulnerability in Adobe Flash Player: Arbitrary Code Execution via MessageChannel Class
CVE-2017-2995 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
Learn more about our Web Application Penetration Testing UK.