UBUNTU-CVE-2017-2984

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2017-2984
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-2984.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-2984
Related
  • CVE-2017-2984
Published
2017-02-15T06:59:00Z
Modified
2025-01-13T10:21:19Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.

References

Affected packages

Ubuntu:14.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@24.0.0.221ubuntu0.14.04.1?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.0.221ubuntu0.14.04.1

Affected versions

11.*

11.2.202.310ubuntu1
11.2.202.327ubuntu0.13.10.1
11.2.202.332ubuntu1
11.2.202.335ubuntu1
11.2.202.336ubuntu1
11.2.202.341ubuntu1
11.2.202.346ubuntu1
11.2.202.350ubuntu1
11.2.202.356ubuntu0.14.04.1
11.2.202.359ubuntu0.14.04.1
11.2.202.378ubuntu0.14.04.1
11.2.202.394ubuntu0.14.04.1
11.2.202.400ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.2
11.2.202.411ubuntu0.14.04.1
11.2.202.418ubuntu0.14.04.1
11.2.202.424ubuntu0.14.04.1
11.2.202.425ubuntu0.14.04.1
11.2.202.429ubuntu0.14.04.1
11.2.202.438ubuntu0.14.04.1
11.2.202.440ubuntu0.14.04.1
11.2.202.442ubuntu0.14.04.1
11.2.202.451ubuntu0.14.04.1
11.2.202.457ubuntu0.14.04.1
11.2.202.460ubuntu0.14.04.1
11.2.202.466ubuntu0.14.04.1
11.2.202.468ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.2
11.2.202.491ubuntu0.14.04.1
11.2.202.508ubuntu0.14.04.1
11.2.202.521ubuntu0.14.04.1
11.2.202.535ubuntu0.14.04.1
11.2.202.540ubuntu0.14.04.2
11.2.202.548ubuntu0.14.04.1
11.2.202.554ubuntu0.14.04.1
11.2.202.559ubuntu0.14.04.1
11.2.202.569ubuntu0.14.04.1
11.2.202.577ubuntu0.14.04.1
11.2.202.616ubuntu0.14.04.1
11.2.202.621ubuntu0.14.04.1
11.2.202.626ubuntu0.14.04.1
11.2.202.632ubuntu0.14.04.1
11.2.202.635ubuntu0.14.04.1
11.2.202.637ubuntu0.14.04.1
11.2.202.643ubuntu0.14.04.1
11.2.202.644ubuntu0.14.04.1

24.*

24.0.0.186ubuntu0.14.04.1
24.0.0.194ubuntu0.14.04.1

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "24.0.0.221ubuntu0.14.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "24.0.0.221ubuntu0.14.04.1",
            "binary_name": "flashplugin-installer"
        }
    ]
}

Ubuntu:16.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@24.0.0.221ubuntu0.16.04.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.0.221ubuntu0.16.04.1

Affected versions

11.*

11.2.202.540ubuntu2
11.2.202.548ubuntu1
11.2.202.554ubuntu1
11.2.202.559ubuntu1
11.2.202.569ubuntu1
11.2.202.577ubuntu1
11.2.202.616ubuntu1
11.2.202.621ubuntu0.16.04.1
11.2.202.626ubuntu0.16.04.1
11.2.202.632ubuntu0.16.04.1
11.2.202.635ubuntu0.16.04.1
11.2.202.637ubuntu0.16.04.1
11.2.202.643ubuntu0.16.04.1
11.2.202.644ubuntu0.16.04.1

24.*

24.0.0.186ubuntu0.16.04.1
24.0.0.194ubuntu0.16.04.1

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "24.0.0.221ubuntu0.16.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "24.0.0.221ubuntu0.16.04.1",
            "binary_name": "flashplugin-installer"
        }
    ]
}