Vulnerability Details CVE-2018-4920
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/103383
- http://www.securitytracker.com/id/1040509
- https://access.redhat.com/errata/RHSA-2018:0520
- https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
- http://www.securityfocus.com/bid/103383
- http://www.securitytracker.com/id/1040509
- https://access.redhat.com/errata/RHSA-2018:0520
- https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
Products affected by CVE-2018-4920
-
cpe:2.3:a:adobe:flash_player:16.0.0.287
-
cpe:2.3:a:adobe:flash_player:18.0
-
cpe:2.3:a:adobe:flash_player:18.0.0.203
-
cpe:2.3:a:adobe:flash_player:18.0.0.204
-
cpe:2.3:a:adobe:flash_player:19.0.0.245
-
cpe:2.3:a:adobe:flash_player:20.0.0.228
-
cpe:2.3:a:adobe:flash_player:20.0.0.306
-
cpe:2.3:a:adobe:flash_player:21.0.0.216
-
cpe:2.3:a:adobe:flash_player:21.0.0.241
-
cpe:2.3:a:adobe:flash_player:21.0.0.242
-
cpe:2.3:a:adobe:flash_player:21.0.0.97
-
cpe:2.3:a:adobe:flash_player:22.0.0.192
-
cpe:2.3:a:adobe:flash_player:22.0.0.211
-
cpe:2.3:a:adobe:flash_player:23.0
-
cpe:2.3:a:adobe:flash_player:23.0.0.162
-
cpe:2.3:a:adobe:flash_player:23.0.0.185
-
cpe:2.3:a:adobe:flash_player:23.0.0.205
-
cpe:2.3:a:adobe:flash_player:23.0.0.207
-
cpe:2.3:a:adobe:flash_player:23.0.0.257
-
cpe:2.3:a:adobe:flash_player:24.0.0.186
-
cpe:2.3:a:adobe:flash_player:24.0.0.194
-
cpe:2.3:a:adobe:flash_player:24.0.0.221
-
cpe:2.3:a:adobe:flash_player:25.0.0.127
-
cpe:2.3:a:adobe:flash_player:25.0.0.148
-
cpe:2.3:a:adobe:flash_player:25.0.0.163
-
cpe:2.3:a:adobe:flash_player:25.0.0.171
-
cpe:2.3:a:adobe:flash_player:26.0.0.120
-
cpe:2.3:a:adobe:flash_player:26.0.0.126
-
cpe:2.3:a:adobe:flash_player:26.0.0.131
-
cpe:2.3:a:adobe:flash_player:26.0.0.137
-
cpe:2.3:a:adobe:flash_player:26.0.0.151
-
cpe:2.3:a:adobe:flash_player:27.0.0.130
-
cpe:2.3:a:adobe:flash_player:27.0.0.159
-
cpe:2.3:a:adobe:flash_player:27.0.0.170
-
cpe:2.3:a:adobe:flash_player:27.0.0.183
-
cpe:2.3:a:adobe:flash_player:27.0.0.187
-
cpe:2.3:a:adobe:flash_player:28.0.0.126
-
cpe:2.3:a:adobe:flash_player:28.0.0.137
-
cpe:2.3:a:adobe:flash_player:28.0.0.161
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.151
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.130
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.159
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.170
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.183
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.187
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.126
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.161
-
cpe:2.3:o:apple:mac_os_x:-
-
cpe:2.3:o:google:chrome_os:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_8.1:-