CVE-2017-3066

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2017-3066 is a critical vulnerability that affects Adobe Flash Player. Discovered in February 2017, the vulnerability allows an attacker to remotely execute arbitrary code on a victim's computer by exploiting a use-after-free bug in the software. This means that an attacker can take control of a user's computer simply by getting them to visit a malicious website or clicking on a malicious link. When the vulnerability was first discovered, Adobe issued a security advisory and released an update to address the issue. However, it wasn't until a few months later that the vulnerability started to be actively exploited in the wild. In April 2017, researchers at Proofpoint discovered a new exploit kit called "Seamless" that was using CVE-2017-3066 to deliver malware to victims' computers. The exploit kit was primarily used in targeted attacks against organizations in Russia and South Korea. The discovery and exploitation of CVE-2017-3066 highlights the importance of keeping software up-to-date and being vigilant about potential security threats. Even though a patch had been released, many users failed to apply it, leaving their systems vulnerable to attack. Additionally, the targeted nature of the attacks shows that even seemingly minor vulnerabilities can be used as part of a larger attack campaign. As such, it is crucial that organizations have robust security measures in place to protect against both known and unknown threats.
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
CVE-2017-10271Unspecified
1
CVE-2017-10271 is a critical vulnerability that was identified in Oracle's WebLogic WLS Security Component. This flaw in software design or implementation allows for Remote Code Execution (RCE), which can be exploited by malicious actors to gain unauthorized access and control over affected systems.
Source Document References
Information about the CVE-2017-3066 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Rocke: The Champion of Monero Miners