KLA11191
Multiple use-after-free vulnerabilities in Adobe Flash Player
Updated: 06/18/2020
Detect date
?
02/01/2018
Severity
?
Critical
Description

Multiple use-after-free vulnerabilitires was found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially crafted Office documents with embedded malicious Flash content.


Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Affected products

Adobe Flash Player earlier than 28.0.0.161

Solution

Update to the latest version
Download Adobe Flash Player

Original advisories

APSB18-03
APSA18-01

Impacts
?
ACE 
[?]
Related products
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
?
CVE-2018-48787.5Critical
CVE-2018-487710.0Critical
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/44412

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.