Description
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/flash-player/apsb19-06.html
Scores
CVSS v3
6.5
EPSS
0.0123
EPSS Percentile
79.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
CWE
CWE-125
Status
published
Products (2)
adobe/flash_player
< 32.0.0.114 (3 CPE variants)
adobe/flash_player_desktop_runtime
< 32.0.0.114
Published
May 24, 2019
Tracked Since
Feb 18, 2026