
CVE-2018-4877

Published: 06/02/2018 Updated: 08/09/2021
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A use-after-free vulnerability exists in Adobe Flash Player prior to 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.

Vulnerable Product

adobe flash_player

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux desktop 6.0

Vendor Advisories

Synopsis: Critical: flash-plugin security update. Type/Severity: Security Advisory: Critical. Topic: An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring Syst ...
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution ...

Recent Articles

Adobe: Two critical Flash security bugs fixed for the price of one
The Register • Iain Thomson in San Francisco • 06 Feb 2018

Emergency patch lands, shuts pair of remote exploitable holes, one used by Norks

Adobe has issued an emergency security patch for two bugs in its Flash player – after North Korea's hackers were spotted exploiting one of the flaws to spy on people investigating the creepy hermit nation. At the start of the month, South Korea's Computer Emergency Response Team put the world on alert after it found miscreants abusing Flash to take control of and surveil Windows PCs in its country via Office documents carrying embedded malicious SWF files. Subsequent analysis showed the hackin...