CVE-2018-4871

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102465
http://www.securitytracker.com/id/1040155
https://access.redhat.com/errata/RHSA-2018:0081
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
http://www.securityfocus.com/bid/102465
http://www.securitytracker.com/id/1040155
https://access.redhat.com/errata/RHSA-2018:0081
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html