Type Confusion Vulnerability in Adobe Flash Player
CVE-2018-15981

9.8CRITICAL

Key Information:

Vendor
Adobe
Status
Flash Player
Vendor
CVE Published:
29 November 2018

Summary

Adobe Flash Player versions 31.0.0.148 and earlier are affected by a type confusion vulnerability. This flaw can be exploited to execute arbitrary code on the system, posing significant security risks. Users are advised to update to the latest version of Flash Player to mitigate potential threats. For further details, refer to the security advisories from Adobe and other security platforms.

Affected Version(s)

Flash Player 31.0.0.148 and earlier versions

References

http://www.securityfocus.com/bid/105964
vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2018:3644
vendor-advisoryx_refsource_REDHAT
https://helpx.adobe.com/security/products/flash-player/ap...
x_refsource_CONFIRM

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.