CVE-2018-5002
CVE-2018-5002
In short
Adobe Flash Player has a flaw where too much data can overflow a memory buffer on the stack, potentially allowing an attacker to run malicious code on your computer with your user's permissions.
Technical detail
Stack-based buffer overflow in Adobe Flash Player ≤29.0.0.171 allows remote code execution in user context through malformed input; exploitation requires user interaction (typically media playback) and results in arbitrary code execution with current user privileges.
Summary generated and translated by AI from the official description.
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · Adobe Flash Player 29.0.0.171 and earlier versionsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://access.redhat.com/errata/RHSA-2018:1827https://github.com/cisagov/vulnrichment/issues/196https://helpx.adobe.com/security/products/flash-player/apsb18-19.htmlhttps://security.gentoo.org/glsa/201806-02https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-5002http://www.securityfocus.com/bid/104412http://www.securitytracker.com/id/1041058