6.5

CVE-2018-5000

Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Desktop Runtime Version <= 29.0.0.171
   ApplemacOS X Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformchrome Version <= 29.0.0.171
   ApplemacOS X Version-
   GoogleChrome Os Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformedge Version <= 29.0.0.171
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player SwPlatforminternet_explorer_11 Version <= 29.0.0.171
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.49% 0.962
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://security.gentoo.org/glsa/201806-02
Third Party Advisory
http://www.securityfocus.com/bid/104413
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041058
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:1827
Third Party Advisory
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
Patch
Vendor Advisory