7.5

CVE-2018-4871

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.

Data is provided by the National Vulnerability Database (NVD)
AdobeFlash Player SwPlatformchrome Version <= 28.0.0.126
   ApplemacOS Version-
   GoogleChrome Os Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformedge Version <= 28.0.0.126
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player SwPlatforminternet_explorer_11 Version <= 28.0.0.126
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player Version <= 28.0.0.126
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.76% 0.854
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://access.redhat.com/errata/RHSA-2018:0081
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/102465
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040155
Third Party Advisory
VDB Entry