Vulnerability CVE-2018-4920: Information

Description

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Fixed packages

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

      ---

      Configuration 2

      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*

      ---

      Running on/with:

      cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

      ---

      Configuration 3

      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*

      ---

      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

      ---