7.5
CVE-2018-5008
- EPSS 6.76%
- Veröffentlicht 20.07.2018 19:29:02
- Zuletzt bearbeitet 21.11.2024 04:07:54
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Desktop Runtime Version <= 30.0.0.113
Adobe ≫ Flash Player SwPlatformchrome Version <= 30.0.0.113
Adobe ≫ Flash Player SwPlatformedge Version <= 30.0.0.113
Adobe ≫ Flash Player SwPlatforminternet_explorer_11 Version <= 30.0.0.113
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Workstation Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.76% | 0.931 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
http://www.securityfocus.com/bid/104698
http://www.securitytracker.com/id/1041248
https://access.redhat.com/errata/RHSA-2018:2175
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html