CVE-2018-4920

High

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to…

adobe·CWE-843·Published 2018-05-19

CVSS

8.8

EPSS

0.08

KEV

Exploits

Vendor statements (1)

access.redhat.com

cve.orgen

199 chars

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

NVDes

226 chars

Adobe Flash Player, en versiones 28.0.0.161 y anteriores, tiene una vulnerabilidad explotable de confusión de tipos. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H