Kaspersky Threats

KLA11223
Multiple vulnerabilities in Adobe Flash Player

Обновлено: 18/06/2020

Дата обнаружения	10/04/2018
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code; Out-of-bounds reading vulnerabilities can be exploited remotely to obtain sensitive information; Out-of-bounds writing vulnerabilities can be exploited remotely to execute arbitrary code; Heap overflow vulnerability can be exploited remotely to obtain sensitive information. Technical details To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel
Пораженные продукты	Adobe Flash Player earlier than 29.0.0.140
Решение	Update to the latest version Download Adobe Flash Player
Первичный источник обнаружения	APSB18-08
Оказываемое влияние ?	ACE [?] OSI [?]
Связанные продукты	Adobe Flash Player ActiveX Adobe Flash Player NPAPI Adobe Flash Player PPAPI
CVE-IDS	CVE-2018-49334.0Warning CVE-2018-49345.0Critical CVE-2018-493510.0Critical CVE-2018-49365.0Critical CVE-2018-493710.0Critical CVE-2018-49329.0Critical
Эксплуатация	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/44528 https://www.exploit-db.com/exploits/44527 https://www.exploit-db.com/exploits/44526 https://www.exploit-db.com/exploits/44529