CVE-2018-4877

CVE: CVE-2018-4877
Published: 2018-02-06T21:29Z
Vendor: adobe
Products: flash_player
Versions: -, 2, 3, 4, 5, 6, 6.0.21.0, 6.0.79, 7, 7.0, 7.0.1, 7.0.14.0, 7.0.19.0, 7.0.24.0, 7.0.25, 7.0.53.0, 7.0.60.0, 7.0.61.0, 7.0.63, 7.0.66.0, 7.0.67.0, 7.0.68.0, 7.0.69.0, 7.0.70.0, 7.0.73.0, 7.1, 7.1.1, 7.2, 8, 8.0, 8.0.22.0, 8.0.24.0, 8.0.33.0, 8.0.34.0, 8.0.35.0, 8.0.39.0, 8.0.42.0, 9, 9.0, 9.0.8.0, 9.0.9.0, 9.0.16, 9.0.18d60, 9.0.20, 9.0.20.0, 9.0.28, 9.0.28.0, 9.0.31, 9.0.31.0, 9.0.45.0, 9.0.47.0, 9.0.48.0, 9.0.112.0, 9.0.114.0, 9.0.115.0, 9.0.124.0, 9.0.125.0, 9.0.151.0, 9.0.152.0, 9.0.155.0, 9.0.159.0, 9.0.246.0, 9.0.260.0, 9.0.262.0, 9.0.277.0, 9.0.280, 9.0.283.0, 9.125.0, 10, 10.0.0.584, 10.0.2.54, 10.0.12.10, 10.0.12.36, 10.0.15.3, 10.0.22.87, 10.0.32.18, 10.0.42.34, 10.0.45.2, 10.1, 10.1.52.14, 10.1.52.14.1, 10.1.52.15, 10.1.53.64, 10.1.82.76, 10.1.85.3, 10.1.92.8, 10.1.92.10, 10.1.95.1, 10.1.95.2, 10.1.102.64, 10.1.105.6, 10.1.106.16, 10.1.106.17, 10.2.152, 10.2.152.26, 10.2.152.32, 10.2.152.33, 10.2.153.1, 10.2.154.13, 10.2.154.25, 10.2.156.12, 10.2.157.51, 10.2.159.1, 10.3.181.14, 10.3.181.16, 10.3.181.22, 10.3.181.23, 10.3.181.26, 10.3.181.34, 10.3.183.5, 10.3.183.7, 10.3.183.10, 10.3.183.11, 10.3.183.15, 10.3.183.16, 10.3.183.18, 10.3.183.19, 10.3.183.20, 10.3.183.23, 10.3.183.25, 10.3.183.29, 10.3.183.43, 10.3.183.48, 10.3.183.50, 10.3.183.51, 10.3.183.61, 10.3.183.63, 10.3.183.67, 10.3.183.68, 10.3.183.75, 10.3.183.86, 10.3.185.22, 10.3.185.24, 10.3.186.3, 10.3.186.6, 10.3.186.7, 11.0, 11.0.1.152, 11.0.1.153, 11.1, 11.1.102.55, 11.1.102.59, 11.1.102.62, 11.1.102.63, 11.1.111.8, 11.1.111.44, 11.1.111.50, 11.1.111.54, 11.1.111.64, 11.1.111.73, 11.1.115.7, 11.1.115.34, 11.1.115.48, 11.1.115.54, 11.1.115.58, 11.1.115.59, 11.1.115.63, 11.1.115.69, 11.1.115.81, 11.2.202.223, 11.2.202.228, 11.2.202.233, 11.2.202.235, 11.2.202.236, 11.2.202.238, 11.2.202.243, 11.2.202.251, 11.2.202.258, 11.2.202.261, 11.2.202.262, 11.2.202.270, 11.2.202.273, 11.2.202.275, 11.2.202.280, 11.2.202.285, 11.2.202.291, 11.2.202.297, 11.2.202.310, 11.2.202.327, 11.2.202.332, 11.2.202.335, 11.2.202.336, 11.2.202.341, 11.2.202.346, 11.2.202.350, 11.2.202.356, 11.2.202.359, 11.2.202.378, 11.2.202.394, 11.2.202.411, 11.2.202.418, 11.2.202.424, 11.2.202.425, 11.2.202.429, 11.2.202.438, 11.2.202.440, 11.2.202.442, 11.2.202.451, 11.2.202.460, 11.2.202.466, 11.2.202.468, 11.2.202.475, 11.2.202.491, 11.2.202.535, 11.2.202.548, 11.2.202.554, 11.2.202.559, 11.2.202.569, 11.2.202.577, 11.2.202.626, 11.2.202.632, 11.2.202.637, 11.3.300.257, 11.3.300.262, 11.3.300.265, 11.3.300.268, 11.3.300.270, 11.3.300.271, 11.3.300.273, 11.4.402.265, 11.4.402.278, 11.4.402.287, 11.5.502.110, 11.5.502.135, 11.5.502.136, 11.5.502.146, 11.5.502.149, 11.6.602.167, 11.6.602.168, 11.6.602.171, 11.6.602.180, 11.7.700.169, 11.7.700.202, 11.7.700.203, 11.7.700.224, 11.7.700.225, 11.7.700.232, 11.7.700.242, 11.7.700.252, 11.7.700.257, 11.7.700.260, 11.7.700.261, 11.7.700.269, 11.7.700.272, 11.7.700.275, 11.7.700.279, 11.8.800.94, 11.8.800.97, 11.8.800.168, 11.9.900.117, 11.9.900.152, 11.9.900.170, 12.0.0.38, 12.0.0.41, 12.0.0.43, 12.0.0.44, 12.0.0.70, 12.0.0.77, 13.0.0.182, 13.0.0.201, 13.0.0.206, 13.0.0.214, 13.0.0.223, 13.0.0.231, 13.0.0.250, 13.0.0.252, 13.0.0.258, 13.0.0.260, 13.0.0.262, 13.0.0.264, 13.0.0.289, 13.0.0.292, 14.0.0.125, 14.0.0.145, 15.0.0.189, 15.0.0.239, 16.0.0.234, 16.0.0.257, 16.0.0.287, 16.0.0.296, 16.0.0.305, 17.0.0.134, 17.0.0.169, 17.0.0.188, 18.0.0.161, 18.0.0.194, 18.0.0.209, 18.0.0.261, 18.0.0.268, 18.0.0.324, 18.0.0.326, 18.0.0.333, 18.0.0.343, 18.0.0.352, 18.0.0.360, 18.0.0.366, 19.0.0.185, 19.0.0.207, 19.0.0.226, 19.0.0.245, 20.0.0.228, 20.0.0.235, 20.0.0.286, 20.0.0.306, 21.0.0.97, 21.0.0.213, 21.0.0.226, 21.0.0.242, 22.0.0.192, 22.0.0.211, 23.0.0.185, 23.0.0.207, 24.0.0.186, 24.0.0.194, 24.0.0.221, 26.0.0.137,
Vendor: redhat
Products: enterprise_linux_desktop
Versions: 6.0,
enterprise_linux_server
Versions: 6.0,
enterprise_linux_workstation
Versions: 6.0,
Description Language: en
Description: A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player’s quality of service functionality. A successful attack can lead to arbitrary code execution.
References:
http://www.securityfocus.com/bid/102930
https://access.redhat.com/errata/RHSA-2018:0285
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html