Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11380
Multiple vulnerabilities in Adobe Flash Player
Updated: 12/06/2018
CVSS
?
 10.0
Detect date
?
 12/05/2018
Severity
?
 Critical
Description

Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

  1. An use-after-free vulnerability can be exploited remotely via specially crafted file to execute arbitrary code;
  2. A DLL hijacking vulnerability can be exploited locally to gain privileges,

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, use the solution from KLA11381
Affected products

Adobe Flash Player earlier than 32.0.0.101
Solution

Update to the latest version
Flash Player Download Center
Original advisories

APSB18-42
Impacts
?
ACE 
[?]

PE 
[?]
Related products
 Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
?

CVE-2018-15982
CVE-2018-15983
© 2018 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up