Vulnerabilities > CVE-2018-5001 - Out-of-bounds Read vulnerability in multiple products

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
adobe
redhat
CWE-125
nessus

Summary

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Vulnerable Configurations

Part Description Count
Application
Adobe
110
OS
Apple
1
OS
Linux
1
OS
Microsoft
3
OS
Google
1
OS
Redhat
3

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FLASH_PLAYER_APSB18-19.NASL
    descriptionThe version of Adobe Flash Player installed on the remote macOS or Mac OS X host is equal or prior to version 29.0.0.171. It is therefore affected by multiple vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id110396
    published2018-06-07
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110396
    titleAdobe Flash Player for Mac <= 29.0.0.171 (APSB18-19)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_2DDE5A566AB111E8B6396451062F0F7A.NASL
    descriptionAdobe reports : - This update resolves a type confusion vulnerability that could lead to arbitrary code execution (CVE-2018-4945). - This update resolves an integer overflow vulnerability that could lead to information disclosure (CVE-2018-5000). - This update resolves an out-of-bounds read vulnerability that could lead to information disclosure (CVE-2018-5001). - This update resolves a stack-based buffer overflow vulnerability that could lead to arbitrary code execution (CVE-2018-5002).
    last seen2020-06-01
    modified2020-06-02
    plugin id110403
    published2018-06-08
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110403
    titleFreeBSD : Flash Player -- multiple vulnerabilities (2dde5a56-6ab1-11e8-b639-6451062f0f7a)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-1827.NASL
    descriptionAn update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.113. Security Fix(es) : * flash-plugin: Arbitrary Code Execution vulnerability (APSB18-19) (CVE-2018-4945) * flash-plugin: Arbitrary Code Execution vulnerability (APSB18-19) (CVE-2018-5002) * flash-plugin: Information Disclosure vulnerabilities (APSB18-19) (CVE-2018-5000, CVE-2018-5001) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id110469
    published2018-06-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110469
    titleRHEL 6 : flash-plugin (RHSA-2018:1827)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201806-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201806-02 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id110523
    published2018-06-14
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110523
    titleGLSA-201806-02 : Adobe Flash Player: Multiple vulnerabilities
  • NASL familyWindows
    NASL idFLASH_PLAYER_APSB18-19.NASL
    descriptionThe version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 29.0.0.171. It is therefore affected by multiple vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id110397
    published2018-06-07
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110397
    titleAdobe Flash Player <= 29.0.0.171 (APSB18-19)
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS18_JUN_4287903.NASL
    descriptionThe remote Windows host is missing security update KB4287903. It is, therefore, affected by multiple remote code execution vulnerabilities in Adobe Flash Player.
    last seen2020-06-01
    modified2020-06-02
    plugin id110414
    published2018-06-08
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110414
    titleKB4287903: Security update for Adobe Flash Player (June 2018)

Redhat

advisories
rhsa
idRHSA-2018:1827
rpmsflash-plugin-0:30.0.0.113-1.el6_9

The Hacker News

idTHN:A63890B8ADE3B23F098107F5CC398A2F
last seen2018-06-07
modified2018-06-07
published2018-06-07
reporterMohit Kumar
sourcehttps://thehackernews.com/2018/06/flash-player-zero-day-exploit.html
titleAdobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit