KLA11191
Multiple use-after-free vulnerabilities in Adobe Flash Player
Updated: 02/13/2019
Detect date
?
02/01/2018
Severity
?
Critical
Description

Multiple use-after-free vulnerabilitires was found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially crafted Office documents with embedded malicious Flash content.


Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Affected products

Adobe Flash Player earlier than 28.0.0.161

Solution

Update to the latest version
Download Adobe Flash Player

Original advisories

APSB18-03
APSA18-01

Impacts
?
ACE 
[?]
Related products
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
?

CVE-2018-4878
CVE-2018-4877