10

CVE-2018-5002

Warnung

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Desktop Runtime Version <= 29.0.0.171
   ApplemacOS X Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformchrome Version <= 29.0.0.171
   ApplemacOS X Version-
   GoogleChrome Os Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player SwPlatformedge Version <= 29.0.0.171
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-
AdobeFlash Player SwPlatforminternet_explorer_11 Version <= 29.0.0.171
   MicrosoftWindows 10 Version-
   MicrosoftWindows 8.1 Version-

23.05.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe Flash Player Stack-based Buffer Overflow Vulnerability

Schwachstelle

Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.

Beschreibung

The impacted product is end-of-life and should be disconnected if still in use.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 37.38% 0.971
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.securitytracker.com/id/1041058
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/104412
Third Party Advisory
VDB Entry