CVE-2018-5002
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Adobe Flash Player 29.0.0.171 and earlier versions | Adobe Flash Player 29.0.0.171 and earlier versions | affected |
Weaknesses
- Stack-based buffer overflow
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2018:1827
- http://www.securitytracker.com/id/1041058
- https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
- https://security.gentoo.org/glsa/201806-02
- http://www.securityfocus.com/bid/104412
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-5002
- https://github.com/cisagov/vulnrichment/issues/196
References
- https://access.redhat.com/errata/RHSA-2018:1827
- http://www.securitytracker.com/id/1041058
- https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
- https://security.gentoo.org/glsa/201806-02
- http://www.securityfocus.com/bid/104412
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.