Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
2017-08-11T19:29:02.210
2025-04-20T01:37:25.860
Deferred
CVSSv3.1: 7.4 (HIGH)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | flash_player_desktop_runtime | ≤ 26.0.0.137 | Yes |
| Operating System | apple | mac_os_x | - | No |
| Operating System | linux | linux_kernel | - | No |
| Operating System | microsoft | windows | - | No |
| Application | adobe | flash_player | ≤ 26.0.0.137 | Yes |
| Application | adobe | flash_player | ≤ 26.0.0.137 | Yes |
| Operating System | microsoft | windows_10 | - | No |
| Operating System | microsoft | windows_8.1 | - | No |
| Application | adobe | flash_player | ≤ 26.0.0.137 | Yes |
| Operating System | apple | mac_os_x | - | No |
| Operating System | chrome_os | - | No | |
| Operating System | linux | linux_kernel | - | No |
| Operating System | microsoft | windows | - | No |
| Operating System | redhat | enterprise_linux | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |