Multiple vulnerabilities in Adobe Flash Player

Описание

Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A out-of-bounds read vulnerability can be exploited remotely via specially crafted SWF file to obtain sensitive information;
2. A type confusion vulnerability can be exploited remotely via specially crafted SWF file to execute arbitrary code.

---

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Первичный источник обнаружения

• APSB18-24
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Adobe-Flash-Player-ActiveX
• Adobe-Flash-Player-NPAPI
• Adobe-Flash-Player-PPAPI

Список CVE

• CVE-2018-5007
  high
• CVE-2018-5008
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com