Description
Multiple serious vulnerabilities have been found in Adobe Flash player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.
Below is a complete list of vulnerabilities:
- Type Confusion vulnerability in Adobe Flash player can be exploited locally via a specially designed document file to execute arbitrary code;
- Integer Overflow vulnerability in Adobe Flash player can be exploited locally via a specially designed document file to obtain sensitive information;
- Out-of-bounds read vulnerability in Adobe Flash player can be exploited locally via a specially designed document file to obtain sensitive information;
- Stack-based buffer overflow vulnerability in Adobe Flash player can be exploited locally via a specially designed document file to execute arbitrary code.
Technical details
To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel
Original advisories
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2018-4945 high
- CVE-2018-5000 warning
- CVE-2018-5001 warning
- CVE-2018-5002 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!