CVE-2018-15981

CWE-7047 documents6 sources
Severity
9.8CRITICAL
EPSS
24.0%
top 3.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Adobe Flash PlayerAdobe Flash Player Desktop RuntimeRedhat Enterprise Linux Desktop+2 more
Timeline
PublishedNov 29
Latest updateMay 14

Description

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

NVDadobe/flash_player31.0.0.148
CVEListV5adobe/flash_player31.0.0.148 and earlier versions

🔴Vulnerability Details

2
GHSA
GHSA-j8f5-p7w2-6843: Flash Player versions 312022-05-14
CVEList
CVE-2018-15981: Flash Player versions 312018-11-29

📋Vendor Advisories

1
Red Hat
flash-plugin: Arbitrary code execution vulnerability (APSB18-44)2018-11-20

🕵️Threat Intelligence

1
Tenable
Adobe Issues Out-of-Band Patch for Critical Flash Player Vulnerability (CVE-2018-15981)2018-11-21

💬Community

1
Bugzilla
CVE-2018-15981 flash-plugin: Arbitrary code execution vulnerability (APSB18-44)2018-11-20