Adobe Affected

Notified: March 24, 2015 Updated: September 05, 2017

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

It has been reported to us that CVE-2017-3085 is a form of Redirect to SMB affecting Flash Player. Adobe's security advisory recommends upgrading Flash Player to at least 26.0.0.151, which has addressed the issue.

Vendor References

https://helpx.adobe.com/security/products/flash-player/apsb17-23.html

Apple Unknown

Notified: March 24, 2015 Updated: March 24, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

AVG Anti-virus Software Affected

Notified: March 24, 2015 Updated: April 01, 2015

Statement Date: April 01, 2015

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Box.com Unknown

Notified: April 14, 2015 Updated: April 14, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

According to the reporter, the Box Sync client may be vulnerable in certain circumstances if the user accepts an SSL prompt. CERT/CC has been unable to confirm this so far.

COMODO Security Solutions, Inc. Unknown

Notified: March 24, 2015 Updated: March 24, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

Github Unknown

Updated: April 13, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

The GitHub for Windows installer has been reported to be affected by this vulnerability.

GoPro Unknown

Updated: April 13, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

GoPro Studio has been reported to be affected by this vulnerability.

JetBrains Unknown

Updated: April 13, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

The following software was reported to CERT/CC to be vulnerable; this information has not been verified yet: * IntelliJ IDEA * PyCharm

Microsoft Corporation Affected

Notified: March 11, 2015 Updated: April 01, 2015

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Oracle Corporation Affected

Notified: March 24, 2015 Updated: April 01, 2015

Statement Date: March 31, 2015

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Symantec Unknown

Notified: April 17, 2015 Updated: April 17, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

Unify Inc Unknown

Notified: April 17, 2015 Updated: April 17, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.