Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/103385 | Broken Link Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040509 | Broken Link Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2018:0520 | Third Party Advisory |
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
18 Nov 2022, 16:25
Type | Values Removed | Values Added |
---|---|---|
References | (SECTRACK) http://www.securitytracker.com/id/1040509 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MISC) https://helpx.adobe.com/security/products/flash-player/apsb18-05.html - Patch, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/103385 - Broken Link, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
CPE | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:* |
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:* cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* |
Information
Published : 2018-05-19 17:29
Updated : 2024-02-04 19:46
NVD link : CVE-2018-4919
Mitre link : CVE-2018-4919
CVE.ORG link : CVE-2018-4919
JSON object : View
Products Affected
- chrome_os
microsoft
- windows
- windows_8.1
- windows_10
apple
- mac_os_x
adobe
- flash_player
- flash_player_desktop_runtime
linux
- linux_kernel
CWE
CWE-416
Use After Free