PT-2018-16705 · Adobe+2 · Flash Player+2

Published

2018-07-10

Updated

2018-10-02

CVE-2018-5007

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 30.0.0.113 and earlier

Description A Type Confusion issue allows attackers to execute arbitrary code in the context of the current user. This issue affects Adobe Flash Player, as well as certain Red Hat Enterprise Linux products, including Desktop, Server, and Workstation.

Recommendations For Adobe Flash Player versions 30.0.0.113 and earlier, update to a version later than 30.0.0.113 to resolve the issue. At the moment, there is no information about specific fixes for the affected Red Hat Enterprise Linux products.

Fix

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-704

Related Identifiers

ALT-PU-2018-2115

ALT-PU-2018-2414

CVE-2018-5007

MGASA-2018-0315

RHSA-2018:2175

RHSA-2018_2175

ZDI-18-1009

Affected Products

Alt Linux

Flash Player

Red Hat

PT-2018-16705 · Adobe+2 · Flash Player+2

CVE-2018-5007

Weakness Enumeration

Related Identifiers

Affected Products

References · 10