10
CVE-2018-4944
- EPSS 24.91%
- Published 19.05.2018 17:29:01
- Last modified 21.11.2024 04:07:45
- Source psirt@adobe.com
- Teams watchlist Login
- Open Login
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Data is provided by the National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 29.0.0.140
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Workstation Version6.0
Adobe ≫ Flash Player SwPlatformedge Version <= 29.0.0.140
Adobe ≫ Flash Player SwPlatforminternet_explorer_11 Version <= 29.0.0.140
Adobe ≫ Flash Player SwPlatformchrome Version <= 29.0.0.140
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.91% | 0.959 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-704 Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.