CVE-2018-4878

Warning

Media report

Exploit

EPSS 93.16%
Published 06.02.2018 21:29:00
Last modified 13.02.2025 17:38:59
Source psirt@adobe.com
Teams watchlist Login
Open Login

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

Affected products Warnungen 1 Metrics 4 CWE 1 References 17

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Flash Player Version < 28.0.0.161

   Apple ≫ macOS Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Adobe ≫ Flash Player SwPlatformedge Version < 28.0.0.161

Microsoft ≫ Windows 10
Microsoft ≫ Windows 8.1

Adobe ≫ Flash Player SwPlatforminternet_explorer_11 Version < 28.0.0.161

Microsoft ≫ Windows 10
Microsoft ≫ Windows 8.1

Adobe ≫ Flash Player SwPlatformchrome Version < 28.0.0.161

   Apple ≫ macOS Version-
   Google ≫ Chrome Os Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe Flash Player Use-After-Free Vulnerability

Vulnerability

Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Description

The impacted product is end-of-life and should be disconnected if still in use.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	93.16%	0.998

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://access.redhat.com/errata/RHSA-2018:0285

Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

Vendor Advisory

http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html

Third Party Advisory

Technical Description

http://www.securityfocus.com/bid/102893

Broken Link

http://www.securitytracker.com/id/1040318

Broken Link

https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign