Security News > 2018 > December > Adobe patches newly exploited Flash zero-day

Adobe patches newly exploited Flash zero-day
2018-12-06 07:06

Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being exploited in the wild. About the vulnerability (CVE-2018-15982) CVE-2018-15982 is a use-after-free in the Flash’s file package com.adobe.tvsdk.mediacore.metadata that can be exploited to deliver and execute malicious code on a victim’s computer. It was flagged on November 29 by researchers with Gigamon Applied Threat Research (ATR) and Qihoo 360 … More → The post Adobe patches newly exploited Flash zero-day appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/OQ7-Qbg2xg0/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-01-18 CVE-2018-15982 Use After Free vulnerability in multiple products
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability.
network
low complexity
adobe redhat CWE-416
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143