CVE-2018-12827 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
adobe	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 92%

Vendor	Product	Version
adobe	flash_player	𝑥 ≤ 30.0.0.154
adobe	flash_player	𝑥 ≤ 30.0.0.154
adobe	flash_player	𝑥 ≤ 30.0.0.154
adobe	flash_player	𝑥 ≤ 30.0.0.154
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_workstation	6.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

adobe-flashplugin

bionic	Fixed 30.0.0.154ubuntu0.18.04.1 released
xenial	Fixed 30.0.0.154ubuntu0.16.04.1 released
trusty	Fixed 30.0.0.154ubuntu0.14.04.1 released

flashplugin-nonfree

bionic	Fixed 1:20180814.1-0ubuntu0.18.04.2 released
xenial	Fixed 1:20180814.1-0ubuntu0.16.04.2 released
trusty	Fixed 1:20180814.1-0ubuntu0.14.04.2 released

Known Exploits!

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

http://www.securityfocus.com/bid/105066

http://www.securitytracker.com/id/1041448

https://access.redhat.com/errata/RHSA-2018:2435

https://helpx.adobe.com/security/products/flash-player/apsb18-25.html

https://www.exploit-db.com/exploits/45268/

http://www.securityfocus.com/bid/105066

http://www.securitytracker.com/id/1041448

https://access.redhat.com/errata/RHSA-2018:2435

https://helpx.adobe.com/security/products/flash-player/apsb18-25.html

https://www.exploit-db.com/exploits/45268/