{"id":"MGASA-2017-0377","summary":"Updated flash-player-plugin packages fix security vulnerability","details":"Adobe Flash Player 27.0.0.170 addresses a critical type confusion\nvulnerability that could lead to code execution (CVE-2017-11292).\n\nAdobe is aware of a report that an exploit for CVE-2017-11292 exists in\nthe wild, and is being used in limited, targeted attacks against users\nrunning Windows.\n","modified":"2026-04-16T06:23:40.442820059Z","published":"2017-10-18T20:19:34Z","upstream":["CVE-2017-11292"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0377.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21883"},{"type":"WEB","url":"https://helpx.adobe.com/security/products/flash-player/apsb17-32.html"}],"affected":[{"package":{"name":"flash-player-plugin","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"27.0.0.170-1.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0377.json"}},{"package":{"name":"flash-player-plugin","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"27.0.0.170-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0377.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}