CVE-2018-4944

EUVD-2018-16729
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
adobeflash_player
𝑥
≤ 29.0.0.140
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
adobeflash_player
𝑥
≤ 29.0.0.140
adobeflash_player
𝑥
≤ 29.0.0.140
adobeflash_player
𝑥
≤ 29.0.0.140
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
artful
Fixed 1:20180508.1-0ubuntu0.17.10.1
released
bionic
Fixed 1:20180508.1-0ubuntu1
released
trusty
Fixed 1:20180508.1-0ubuntu0.14.04.1
released
xenial
Fixed 1:20180508.1-0ubuntu0.16.04.1
released
flashplugin-nonfree
artful
Fixed 29.0.0.171ubuntu0.17.10.1
released
bionic
Fixed 29.0.0.171ubuntu1
released
trusty
Fixed 29.0.0.171ubuntu0.14.04.1
released
xenial
Fixed 29.0.0.171ubuntu0.16.04.1
released
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104101
http://www.securitytracker.com/id/1040840
https://access.redhat.com/errata/RHSA-2018:1367
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
https://security.gentoo.org/glsa/201806-02
http://www.securityfocus.com/bid/104101
http://www.securitytracker.com/id/1040840
https://access.redhat.com/errata/RHSA-2018:1367
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
https://security.gentoo.org/glsa/201806-02