Vulnerability Details CVE-2018-5002
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.468
EPSS Ranking 97.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.
Ransomware Campaign
Unknown
References
- http://www.securityfocus.com/bid/104412
- http://www.securitytracker.com/id/1041058
- https://access.redhat.com/errata/RHSA-2018:1827
- https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
- https://security.gentoo.org/glsa/201806-02
- http://www.securityfocus.com/bid/104412
- http://www.securitytracker.com/id/1041058
- https://access.redhat.com/errata/RHSA-2018:1827
- https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
- https://security.gentoo.org/glsa/201806-02
Products affected by CVE-2018-5002
-
cpe:2.3:a:adobe:flash_player:16.0.0.287
-
cpe:2.3:a:adobe:flash_player:18.0
-
cpe:2.3:a:adobe:flash_player:18.0.0.203
-
cpe:2.3:a:adobe:flash_player:18.0.0.204
-
cpe:2.3:a:adobe:flash_player:19.0.0.245
-
cpe:2.3:a:adobe:flash_player:20.0.0.228
-
cpe:2.3:a:adobe:flash_player:20.0.0.306
-
cpe:2.3:a:adobe:flash_player:21.0.0.216
-
cpe:2.3:a:adobe:flash_player:21.0.0.241
-
cpe:2.3:a:adobe:flash_player:21.0.0.242
-
cpe:2.3:a:adobe:flash_player:21.0.0.97
-
cpe:2.3:a:adobe:flash_player:22.0.0.192
-
cpe:2.3:a:adobe:flash_player:22.0.0.211
-
cpe:2.3:a:adobe:flash_player:23.0
-
cpe:2.3:a:adobe:flash_player:23.0.0.162
-
cpe:2.3:a:adobe:flash_player:23.0.0.185
-
cpe:2.3:a:adobe:flash_player:23.0.0.205
-
cpe:2.3:a:adobe:flash_player:23.0.0.207
-
cpe:2.3:a:adobe:flash_player:23.0.0.257
-
cpe:2.3:a:adobe:flash_player:24.0.0.186
-
cpe:2.3:a:adobe:flash_player:24.0.0.194
-
cpe:2.3:a:adobe:flash_player:24.0.0.221
-
cpe:2.3:a:adobe:flash_player:25.0.0.127
-
cpe:2.3:a:adobe:flash_player:25.0.0.148
-
cpe:2.3:a:adobe:flash_player:25.0.0.163
-
cpe:2.3:a:adobe:flash_player:25.0.0.171
-
cpe:2.3:a:adobe:flash_player:26.0.0.120
-
cpe:2.3:a:adobe:flash_player:26.0.0.126
-
cpe:2.3:a:adobe:flash_player:26.0.0.131
-
cpe:2.3:a:adobe:flash_player:26.0.0.137
-
cpe:2.3:a:adobe:flash_player:26.0.0.151
-
cpe:2.3:a:adobe:flash_player:27.0.0.130
-
cpe:2.3:a:adobe:flash_player:27.0.0.159
-
cpe:2.3:a:adobe:flash_player:27.0.0.170
-
cpe:2.3:a:adobe:flash_player:27.0.0.183
-
cpe:2.3:a:adobe:flash_player:27.0.0.187
-
cpe:2.3:a:adobe:flash_player:28.0.0.126
-
cpe:2.3:a:adobe:flash_player:28.0.0.137
-
cpe:2.3:a:adobe:flash_player:28.0.0.161
-
cpe:2.3:a:adobe:flash_player:29.0.0.113
-
cpe:2.3:a:adobe:flash_player:29.0.0.140
-
cpe:2.3:a:adobe:flash_player:29.0.0.171
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:16.0.0.287
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:21.0.0.226
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:23.0.0.162
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.131
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:26.0.0.151
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.130
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.159
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.170
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.183
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:27.0.0.187
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.126
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.137
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:28.0.0.161
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:29.0.0.113
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:29.0.0.140
-
cpe:2.3:a:adobe:flash_player_desktop_runtime:29.0.0.171
-
cpe:2.3:o:apple:mac_os_x:-
-
cpe:2.3:o:google:chrome_os:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0