Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2018-4936
Severity
6.5MEDIUM
EPSS
41.8%
top 2.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedMay 19
Latest updateMay 13
Description
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5adobe_flash_player_29.0.0.113_and_earlier_versionsAdobe Flash Player 29.0.0.113 and earlier versions
Patches
🔴Vulnerability Details
3💥Exploits & PoCs
1📋Vendor Advisories
1💬Community
1Bugzilla▶
CVE-2018-4936 CVE-2018-4933 CVE-2018-4934 flash-plugin: Information Disclosure vulnerabilities (APSB18-08)↗2018-04-10