10
CVE-2018-4944
- EPSS 24.91%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:07:45
- Quelle psirt@adobe.com
- Teams Watchlist Login
- Unerledigt Login
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 29.0.0.140
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Workstation Version6.0
Adobe ≫ Flash Player SwPlatformedge Version <= 29.0.0.140
Adobe ≫ Flash Player SwPlatforminternet_explorer_11 Version <= 29.0.0.140
Adobe ≫ Flash Player SwPlatformchrome Version <= 29.0.0.140
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.91% | 0.959 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-704 Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.