PT-2018-2997 · Adobe+3 · Flash+3
David Parks
Published: 2018-05-09
Updated: 2024-12-12
CVE-2018-5165
CVSS v2.0: 6.4 (Medium)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 60
Description
The issue concerns the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" in Firefox, which is displayed as unchecked by default, even though the Adobe Flash sandbox is enabled. This discrepancy can lead to user confusion, potentially causing users to inadvertently turn off protections. The vulnerability is related to errors in privilege management and can be exploited by a remote attacker to bypass existing security restrictions.
Recommendations
For versions prior to 60, update to version 60 or later to resolve the issue. As a temporary workaround, consider manually verifying the Adobe Flash protected mode setting to ensure it aligns with the intended security configuration. Restrict access to the Adobe Flash plugin until the issue is resolved.
Affected products
Alt Linux
Flash
Firefox
Suse