CVE-2018-4871

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
adobeflash_player
𝑥
≤ 28.0.0.126
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
flash-plugin
RHEL 6
0:28.0.0.137-1.el6_9
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102465
http://www.securitytracker.com/id/1040155
https://access.redhat.com/errata/RHSA-2018:0081
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
http://www.securityfocus.com/bid/102465
http://www.securitytracker.com/id/1040155
https://access.redhat.com/errata/RHSA-2018:0081
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html