CVE-2018-4944

Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
adobeflash_player
𝑥
≤ 29.0.0.140
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
adobeflash_player
𝑥
≤ 29.0.0.140
adobeflash_player
𝑥
≤ 29.0.0.140
adobeflash_player
𝑥
≤ 29.0.0.140
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
bionic
Fixed 1:20180508.1-0ubuntu1
released
artful
Fixed 1:20180508.1-0ubuntu0.17.10.1
released
xenial
Fixed 1:20180508.1-0ubuntu0.16.04.1
released
trusty
Fixed 1:20180508.1-0ubuntu0.14.04.1
released
flashplugin-nonfree
bionic
Fixed 29.0.0.171ubuntu1
released
artful
Fixed 29.0.0.171ubuntu0.17.10.1
released
xenial
Fixed 29.0.0.171ubuntu0.16.04.1
released
trusty
Fixed 29.0.0.171ubuntu0.14.04.1
released
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104101
http://www.securitytracker.com/id/1040840
https://access.redhat.com/errata/RHSA-2018:1367
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
https://security.gentoo.org/glsa/201806-02
http://www.securityfocus.com/bid/104101
http://www.securitytracker.com/id/1040840
https://access.redhat.com/errata/RHSA-2018:1367
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
https://security.gentoo.org/glsa/201806-02