Use After Free Vulnerability in Adobe Flash Player by Adobe
CVE-2019-7845

8.8HIGH

Key Information:

Vendor
Adobe
Status
Adobe Flash Player
Vendor
CVE Published:
12 June 2019

Summary

Adobe Flash Player versions 32.0.0.192 and earlier are affected by a use after free vulnerability. This vulnerability can be exploited by an attacker to execute arbitrary code on the system, potentially compromising the integrity and confidentiality of the affected environment. Users are advised to upgrade to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Adobe Flash Player 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192  and earlier versions

References

https://helpx.adobe.com/security/products/flash-player/ap...
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2019:1476
vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201908-21
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.