CVE-2018-4871

high

Description

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.

References

Advisories
More

https://access.redhat.com/errata/RHSA-2018:0081

http://www.securitytracker.com/id/1040155

http://www.securityfocus.com/bid/102465

https://helpx.adobe.com/security/products/flash-player/apsb18-01.html

Details

Source: Mitre, NVD

Published: 2018-01-09

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.02904