CVE-2018-5008

HIGH

Adobe Flash Player Desktop Runtime < 30.0.0.113 - Out-of-Bounds Read

Title source: rule

Description

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/flash-player/apsb18-24.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041248

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/104698

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:2175

Scores

CVSS v3 7.5

EPSS 0.0196

EPSS Percentile 83.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-125

Status published

Products (5)

adobe/flash_player < 30.0.0.113 (3 CPE variants)

adobe/flash_player_desktop_runtime < 30.0.0.113

redhat/enterprise_linux_desktop 6.0

redhat/enterprise_linux_server 6.0

redhat/enterprise_linux_workstation 6.0

Published Jul 20, 2018

Tracked Since Feb 18, 2026