CVE-2018-4871
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.0 | |
| Version 6.0 | |
| Version 6.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 28.0.0.126 |
| Running on/with | Platform Versions |
|---|---|
Google Chrome Os | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 28.0.0.126 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 10 | All versions |
Microsoft Windows 8.1 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 28.0.0.126 |
| Running on/with | Platform Versions |
|---|---|
Apple Macos | All versions |
Linux Linux Kernel | All versions |
Microsoft Windows | All versions |
References (8)
Source: psirt@adobe.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.