KLA11284
Multiple vulnerabilities in Adobe Flash Player
Обновлено: 26/06/2019
Дата обнаружения
10/07/2018
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A out-of-bounds read vulnerability can be exploited remotely via specially crafted SWF file to obtain sensitive information;
  2. A type confusion vulnerability can be exploited remotely via specially crafted SWF file to execute arbitrary code.

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Пораженные продукты

Adobe Flash Player earlier than 30.0.0.134

Решение

Update to the latest version
Flash Player Download Center

Первичный источник обнаружения
APSB18-24
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]
Связанные продукты
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Adobe Flash Player PPAPI
CVE-IDS
CVE-2018-50078.8Critical
CVE-2018-50087.5Critical