{"id":"CVE-2017-3106","details":"Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.","modified":"2026-03-14T14:27:59.065521Z","published":"2017-08-11T19:29:02.273Z","related":["MGASA-2017-0314"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100190"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039088"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2457"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-16"},{"type":"FIX","url":"https://helpx.adobe.com/security/products/flash-player/apsb17-23.html"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/42480/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3106.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"26.0.0.137"}]},{"events":[{"introduced":"0"},{"last_affected":"26.0.0.137"}]},{"events":[{"introduced":"0"},{"last_affected":"26.0.0.137"}]},{"events":[{"introduced":"0"},{"last_affected":"26.0.0.137"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}