Candidate: CVE-2017-2997
PublicDate: 2017-03-14 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2997
 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Description:
 Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable
 buffer overflow / underflow vulnerability in the Primetime TVSDK that
 supports customizing ad information. Successful exploitation could lead to
 arbitrary code execution.
Ubuntu-Description:
Notes:
Bugs:
Priority: high
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_adobe-flashplugin:
upstream_adobe-flashplugin: needs-triage
precise_adobe-flashplugin: released (25.0.0.127ubuntu0.12.04.1)
trusty_adobe-flashplugin: released (25.0.0.127ubuntu0.14.04.1)
trusty/esm_adobe-flashplugin: DNE (trusty was released [25.0.0.127ubuntu0.14.04.1])
vivid/stable-phone-overlay_adobe-flashplugin: DNE
vivid/ubuntu-core_adobe-flashplugin: DNE
xenial_adobe-flashplugin: released (25.0.0.127ubuntu0.16.04.1)
yakkety_adobe-flashplugin: released (25.0.0.127ubuntu0.16.10.1)
devel_adobe-flashplugin: not-affected