Adobe Flash Player <= 29.0.0.113 (apsb18-08)

  

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Publish Date: 2018-05-19 Last Update Date: 2018-10-21. Adobe Flash Player ) New! Plugin Severity Now Using CVSS v3. The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Current Description

  • Apr 11, 2018 - Adobe Flash Player for Google Chrome (29.0.0.113) and earlier (Windows, Macintosh, Linux and Chrome OS) - Adobe Flash Player for Microsoft Edge and Internet Explorer 11 (29.0.0.113) and earlier (Windows 10 and Windows 8.1) Users can check the version of Adobe Flash Player that they are using at the following link: Flash Player Help https.
  • The Adobe Flash Player is freeware software for viewing multimedia, executing Rich Internet Applications, and streaming video and audio, content created on the Adobe Flash platform. Notes This package is only for Windows XP to Windows 7, because Windows 8 already contains an integrated Flash Player for Internet Explorer.

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.


Adobe Flash Player <= 29.0.0.113 (apsb18-08)

Analysis Description

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

All Words(adobe Flash Player 8

Severity

All words(adobe flash player downloadCVSS 3.x Severity and Metrics:
NIST:NVD
Vector:NVD
(apsb18-08)
Vector:HyperlinkResourcehttp://www.securityfocus.com/bid/103708Third Party AdvisoryVDB Entryhttp://www.securitytracker.com/id/1040648Third Party AdvisoryVDB Entryhttps://access.redhat.com/errata/RHSA-2018:1119Third Party Advisoryhttps://helpx.adobe.com/security/products/flash-player/apsb18-08.htmlVendor Advisoryhttps://security.gentoo.org/glsa/201804-11Third Party Advisoryhttps://www.exploit-db.com/exploits/44529/Third Party AdvisoryVDB Entry

Weakness Enumeration

FlashPlayer

All Words(adobe Flash Player Download

CWE-IDCWE NameSource
CWE-787Out-of-bounds WriteNIST

Flash Player Download For Windows 7

Known Affected Software Configurations Switch to CPE 2.2

Flash Player Chrome

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes