Security News > 2018 > December > Adobe patches newly exploited Flash zero-day
Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being exploited in the wild. About the vulnerability (CVE-2018-15982) CVE-2018-15982 is a use-after-free in the Flash’s file package com.adobe.tvsdk.mediacore.metadata that can be exploited to deliver and execute malicious code on a victim’s computer. It was flagged on November 29 by researchers with Gigamon Applied Threat Research (ATR) and Qihoo 360 … More → The post Adobe patches newly exploited Flash zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/OQ7-Qbg2xg0/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-18 | CVE-2018-15982 | Use After Free vulnerability in multiple products Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. | 9.8 |