Vulnerability Details CVE-2018-4937
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.452
EPSS Ranking 97.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/103708
- http://www.securitytracker.com/id/1040648
- https://access.redhat.com/errata/RHSA-2018:1119
- https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
- https://security.gentoo.org/glsa/201804-11
- https://www.exploit-db.com/exploits/44529/
- http://www.securityfocus.com/bid/103708
- http://www.securitytracker.com/id/1040648
- https://access.redhat.com/errata/RHSA-2018:1119
- https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
- https://security.gentoo.org/glsa/201804-11
- https://www.exploit-db.com/exploits/44529/
Products affected by CVE-2018-4937
-
cpe:2.3:a:adobe:flash_player:16.0.0.287
-
cpe:2.3:a:adobe:flash_player:18.0
-
cpe:2.3:a:adobe:flash_player:18.0.0.203
-
cpe:2.3:a:adobe:flash_player:18.0.0.204
-
cpe:2.3:a:adobe:flash_player:19.0.0.245
-
cpe:2.3:a:adobe:flash_player:20.0.0.228
-
cpe:2.3:a:adobe:flash_player:20.0.0.306
-
cpe:2.3:a:adobe:flash_player:21.0.0.216
-
cpe:2.3:a:adobe:flash_player:21.0.0.241
-
cpe:2.3:a:adobe:flash_player:21.0.0.242
-
cpe:2.3:a:adobe:flash_player:21.0.0.97
-
cpe:2.3:a:adobe:flash_player:22.0.0.192
-
cpe:2.3:a:adobe:flash_player:22.0.0.211
-
cpe:2.3:a:adobe:flash_player:23.0
-
cpe:2.3:a:adobe:flash_player:23.0.0.162
-
cpe:2.3:a:adobe:flash_player:23.0.0.185
-
cpe:2.3:a:adobe:flash_player:23.0.0.205
-
cpe:2.3:a:adobe:flash_player:23.0.0.207
-
cpe:2.3:a:adobe:flash_player:23.0.0.257
-
cpe:2.3:a:adobe:flash_player:24.0.0.186
-
cpe:2.3:a:adobe:flash_player:24.0.0.194
-
cpe:2.3:a:adobe:flash_player:24.0.0.221
-
cpe:2.3:a:adobe:flash_player:25.0.0.127
-
cpe:2.3:a:adobe:flash_player:25.0.0.148
-
cpe:2.3:a:adobe:flash_player:25.0.0.163
-
cpe:2.3:a:adobe:flash_player:25.0.0.171
-
cpe:2.3:a:adobe:flash_player:26.0.0.120
-
cpe:2.3:a:adobe:flash_player:26.0.0.126
-
cpe:2.3:a:adobe:flash_player:26.0.0.131
-
cpe:2.3:a:adobe:flash_player:26.0.0.137
-
cpe:2.3:a:adobe:flash_player:26.0.0.151
-
cpe:2.3:a:adobe:flash_player:27.0.0.130
-
cpe:2.3:a:adobe:flash_player:27.0.0.159
-
cpe:2.3:a:adobe:flash_player:27.0.0.170
-
cpe:2.3:a:adobe:flash_player:27.0.0.183
-
cpe:2.3:a:adobe:flash_player:27.0.0.187
-
cpe:2.3:a:adobe:flash_player:28.0.0.126
-
cpe:2.3:a:adobe:flash_player:28.0.0.137
-
cpe:2.3:a:adobe:flash_player:28.0.0.161
-
cpe:2.3:a:adobe:flash_player:29.0.0.113
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.151
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.130
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.159
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.170
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.183
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.187
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.126
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.161
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:29.0.0.113
-
cpe:2.3:o:apple:mac_os_x:-
-
cpe:2.3:o:google:chrome_os:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_8.1:-