CVE-2018-5002

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
adobeflash_player_desktop_runtime
𝑥
≤ 29.0.0.171
adobeflash_player
𝑥
≤ 29.0.0.171
adobeflash_player
𝑥
≤ 29.0.0.171
adobeflash_player
𝑥
≤ 29.0.0.171
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
bionic
Fixed 1:20180607.1-0ubuntu0.18.04.1
released
artful
Fixed 1:20180607.1-0ubuntu0.17.10.1
released
xenial
Fixed 1:20180607.1-0ubuntu0.16.04.1
released
trusty
Fixed 1:20180607.1-0ubuntu0.14.04.1
released
flashplugin-nonfree
bionic
Fixed 30.0.0.113ubuntu0.18.04.1
released
artful
Fixed 30.0.0.113ubuntu0.17.10.1
released
xenial
Fixed 30.0.0.113ubuntu0.16.04.1
released
trusty
Fixed 30.0.0.113ubuntu0.14.04.1
released
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104412
http://www.securitytracker.com/id/1041058
https://access.redhat.com/errata/RHSA-2018:1827
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
https://security.gentoo.org/glsa/201806-02
http://www.securityfocus.com/bid/104412
http://www.securitytracker.com/id/1041058
https://access.redhat.com/errata/RHSA-2018:1827
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
https://security.gentoo.org/glsa/201806-02
https://github.com/cisagov/vulnrichment/issues/196
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-5002