CVE-2018-15983

CVE Database · CVE-2018-15983

CVE-2018-15983

· N/AModified

CVSS v3.1

N/A

EPSS

3.28%

Published

Jan 18, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

Weaknesses (CWE)

CWE-426

Affected Products (13)

adobe · flash_playervulnerable

apple · mac_os_x

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

apple · mac_os_x

google · chrome_os

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

microsoft · windows_10

· windows_8.1

References (4)

http://www.securityfocus.com/bid/106108

Third Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/flash-player/apsb18-42.html

PatchVendor Advisory

http://www.securityfocus.com/bid/106108

Third Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/flash-player/apsb18-42.html

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs