KLA11223
Multiple vulnerabilities in Adobe Flash Player
Updated: 06/26/2019
Detect date
?
04/10/2018
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

  1. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code;
  2. Out-of-bounds reading vulnerabilities can be exploited remotely to obtain sensitive information;
  3. Out-of-bounds writing vulnerabilities can be exploited remotely to execute arbitrary code;
  4. Heap overflow vulnerability can be exploited remotely to obtain sensitive information.

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Affected products

Adobe Flash Player earlier than 29.0.0.140

Solution

Update to the latest version
Download Adobe Flash Player

Original advisories

APSB18-08

Impacts
?
ACE 
[?]

OSI 
[?]
Related products
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
?
CVE-2018-49334.0Warning
CVE-2018-49345.0Critical
CVE-2018-493510.0Critical
CVE-2018-49365.0Critical
CVE-2018-493710.0Critical
CVE-2018-49329.0Critical