KLA11223
Multiple vulnerabilities in Adobe Flash Player
Updated: 07/05/2018
CVSS
?
7.5
Detect date
?
04/10/2018
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

  1. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code;
  2. Out-of-bounds reading vulnerabilities can be exploited remotely to obtain sensitive information;
  3. Out-of-bounds writing vulnerabilities can be exploited remotely to execute arbitrary code;
  4. Heap overflow vulnerability can be exploited remotely to obtain sensitive information.
Affected products

Adobe Flash Player earlier than 29.0.0.140

Solution

Update to the latest version
Download Adobe Flash Player

Original advisories

APSB18-08

Impacts
?
ACE 
[?]

OSI 
[?]
Related products
Adobe Flash Player PPAPI
Adobe Flash Player NPAPI
Adobe Flash Player ActiveX
CVE-IDS
?

CVE-2018-4937
CVE-2018-4936
CVE-2018-4935
CVE-2018-4934
CVE-2018-4933
CVE-2018-4932