Out-of-Bounds Read Vulnerability in Adobe Flash Player
CVE-2018-4934

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Flash Player 29.0.0.113 And Earlier Versions
Vendor: CVE Published:; 19 May 2018

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 29%

What is CVE-2018-4934?

Adobe Flash Player versions up to 29.0.0.113 are susceptible to an out-of-bounds read vulnerability that could be exploited to disclose sensitive information. Attackers leveraging this flaw may gain unauthorized access to data through crafted input, posing a significant risk to users. It is crucial for users of the affected versions to apply available security updates to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adobe Flash Player 29.0.0.113 and earlier Adobe Flash Player 29.0.0.113 and earlier versions

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2018-4934 - Proof of Concept

References

http://www.securityfocus.com/bid/103708

vdb-entryx_refsource_BID

https://access.redhat.com/errata/RHSA-2018:1119

vendor-advisoryx_refsource_REDHAT

http://www.securitytracker.com/id/1040648

vdb-entryx_refsource_SECTRACK

EPSS Score

29% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

🟡
Public PoC available
May 19, 2018
👾
Exploit known to exist
May 19, 2018
Vulnerability published
May 19, 2018
Vulnerability Reserved
Jan 3, 2018

JSON

Adobe