10
HIGH

CVE-2018-15982

Published: 18/01/2019 Updated: 29/01/2019
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

Vulnerability Summary

Flash Player versions 31.0.0.153 and previous versions, and 31.0.0.108 and previous versions have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Vulnerability Trend

Affected Products

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An update for flash-plugin is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Syst ...
Flash Player versions 3100153 and earlier, and 3100108 and earlier have a use after free vulnerability Successful exploitation could lead to arbitrary code execution ...
Use after free in flashplugin 3100153 and earlier This vulnerability has been reported to be exploited in the wild ...
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in Adobe Flash Player installer Successful exploitation could lead to Arbitrary Code Execution and privilege escalation in the context of th ...

Github Repositories

CVE-2018-15982 Flash sources for CVE-2018-15982 used by NK this is a dump of a fully weaponized activex obj used by NK threatpostcom/adobe-patches-zero-day-vulnerability-in-flash-player/139629/ Payloads are in Class 6 and 7

Credits @Ridter githubcom/Ridter/CVE-2018-15982_EXP @prsecurity githubcom/prsecurity/CVE-2018-15982 Description Aggressor Script to launch an Internet Explorer driveby attack using CVE-2018-15982 exploit for Flash player Affected Product Versions Adobe Flash Player <= 3100153 Adobe Flash Player Installer<= 3100108 Usage: Click Host &a

CVE-2018-15982_EXP Usage msfvenom -p windows/exec cmd=notepadexe -f raw > 86bin msfvenom -p windows/x64/exec cmd=notepadexe -f raw > 64bin python CVE_2018_15982py -i 86bin -I 64bin output expswf and indexhtml。 Demo twittercom/Evi1cg/status/1071284773169950721

CVE-2018-15982_EXP Usage msfvenom -p windows/exec cmd=calcexe -f raw > 86bin msfvenom -p windows/x64/exec cmd=calcexe -f raw > 64bin python CVE_2018_15982py -i 86bin -I 64bin output expswf and indexhtml。 Demo twittercom/Evi1cg/status/1071284773169950721

CVE-POC exploits for research CVE-2018-15982 Pop up a Calculator - requires Flash ActiveX3100153

CobaltStrike-Toolset Aggressor Script, Kit, Malleable C2 Profiles, External C2 and so on Kits ResourceKit ExploitKit Aggressor Script chromedump_mimikatzcna nopowershell SMBexec_psh Further Resources nopowershell smbexec_pshcna CVE-2018-15982 提示:ResourceKit包中部分功能为自定义功能需要修改cobaltstrikejar,如需修改版的请联系

Adobe Flash CVE-2018-15982 This script creates a swf payload for CVE-2018-15982, which is based off of the PoC from githubcom/smgorelik/Windows-RCE-exploits The vulnerability was discovered by Chenming Xu and Ed Miles of Gigamon ATR The vulnerability is a use-after-free flaw enabling arbitrary code-execution in Flash More information can be found in the links belo

CVE-2018-15982_PoC CVE-2018-15982_PoC The POC From AnyRun

Windows-RCE-exploits The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams Proof of Concepts are alwayes idetified by #PoC# in the name of the relevant exploit folder, and those samples will alwayes pop out a calculator or a message box and

Adobe Flash CVE-2018-15982 This script creates a swf payload for CVE-2018-15982, which is based off of the PoC from githubcom/smgorelik/Windows-RCE-exploits The vulnerability was discovered by Chenming Xu and Ed Miles of Gigamon ATR The vulnerability is a use-after-free flaw enabling arbitrary code-execution in Flash More information can be found in the links belo

Exploit CVE-2018-15982

CVE-2018-15982 Flash 2018-15982 UAF p0cswf The exploit file Arabic writeup: xredteamcom/?p=253 twittercom/syfi2k wwwyoutubecom/watch?v=UBc9R4QqJyc&feature=youtube

VulRec Vulnerability Recurrence:漏洞复现仓库 漏洞的复现记录和复现说明 复现最新的漏洞 漏洞均为IE,Adobe,Microsoft Office等流行软件的漏洞 仅用于APT技术研究,请勿用于违法行为!! Thanks CVE-2018-15982 Ridter 表哥提提供的Exploit生成脚本 有些脚本来源于网络无法及时感谢那些提供的师傅和大佬们,

VulRec Vulnerability Recurrence:漏洞复现记录 漏洞的复现记录和复现说明 复现最新的漏洞 漏洞均为IE,Adobe,MicroSoft Office等流行软件的漏洞 用于APT技术研究 Thanks CVE-2018-15982 Ridter 表哥提提供的Exploit生成脚本 有些脚本来源于网络无法及时感谢那些提供的师傅和大佬们,在这里统一说声谢谢。

My Infosec Awesome My curated list of awesome links, resources and tools Articles Cryptography Digital Forensics and Incident Response Exploitation Hardening Malware Analysis Mobile Security Post Exploitation Privacy Reverse Engineering Tutorials Web Application Security Tools Adversary Emulation AWS Security Binary Analysis Cryptography Data Exfiltration Data Sets Digit

My Infosec Awesome My curated list of awesome links, resources and tools Articles Cryptography Digital Forensics and Incident Response Exploitation Hardening Malware Analysis Mobile Security Post Exploitation Privacy Reverse Engineering Tutorials Web Application Security Tools Adversary Emulation AWS Security Binary Analysis Cryptography Data Exfiltration Data Sets Digit

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

Recent Articles

Adobe Patches Important Bugs in Connect and Digital Edition
Threatpost • Lindsey O'Donnell • 08 Jan 2019

Adobe released patches for two bugs rated “important” in its Adobe Digital Edition and Adobe Connect products.
The two important vulnerabilities, patched Tuesday, include an information disclosure bug in Adobe’s ebook reader software program, Digital Edition; as well as a session token exposure bug in its presentation and web conferencing software, Adobe Connect.
The “important” out of bounds read bug, CVE-2018-12817, is an information disclosure vulnerability impacting Ado...

Adobe December 2018 Security Update Fixes Reader, Acrobat
Threatpost • Tara Seals • 11 Dec 2018

Adobe has patched 88 vulnerabilities for Acrobat and Reader in its December Patch Tuesday update, including a slew of critical flaws that would allow arbitrary code-execution.
The scheduled update comes less than a week after Adobe released several out-of-band fixes for Flash Player, including a critical vulnerability (CVE-2018-15982) that it said is being exploited in the wild. That’s a use-after-free flaw enabling arbitrary code-execution in Flash.
The addressed critical vulnerab...

Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign
Threatpost • Lindsey O'Donnell • 05 Dec 2018

An Adobe Flash Player zero-day exploit has been spotted in the wild as part of a widespread campaign, researchers said on Wednesday.
Adobe has just issued a patch for the previously unknown critical flaw.
The vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code execution in Flash. Researchers with Gigamon Applied Threat Research said the zero-day in Flash was being exploited via a Microsoft Office document dubbed “22.docx.”
Researchers said the d...

Adobe Patches Zero-Day Vulnerability in Flash Player
Threatpost • Lindsey O'Donnell • 05 Dec 2018

Adobe on Wednesday released several unscheduled fixes for Flash Player, including a critical vulnerability that it said is being exploited in the wild.
The critical vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code-execution in Flash.
“Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS,” Adobe said in its release. “These updates address one critical vulnerability in Adobe Flash Player and one importan...

References