Below is the info. Flash Version: 29.0 (29.0.0.113) Problem Description: Using the latest version of IE 11 on Windows 10 (64 bit) with all of the latest Windows updates. The web site in question uses flash components and it freezes after some usage time.
- Flash Player Chrome
- The Adobe Flash Player is freeware software for viewing multimedia, executing Rich Internet Applications, and streaming video and audio, content created on the Adobe Flash platform. Notes This package is only for Windows XP to Windows 7, because Windows 8 already contains an integrated Flash Player for Internet Explorer.
- In Flash Player 29.0.0.113 Notification Update workflow was changed from Flash Player itself to a Task. Up until 28.0.0.161, Flash Player itself performed the check (for a new version) when Flash content was viewed. As of 29.0.0.113 this functionality was moved to a Task (Adobe Flash Player NPAPI Notifier Task).
- Hi, A security scan has return ed multiple instances of: Adobe Flash Player ) (108958) The solution is to Upgrade to Adobe Flash Player version 29.0.0.140 or later.All servers (2012 R2) are on a later version than 29.0.0.140 and when i look in the registry it shows the correc.
- Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Flash Player Chrome
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Publish Date : 2018-05-19 Last Update Date : 2019-03-07 | Scroll To | Comments | External Links |
- CVSS Scores & Vulnerability Types | CVSS Score |
|---|
| Confidentiality Impact | Complete(There is total information disclosure, resulting in all system files being revealed.) |
|---|
| Integrity Impact | Complete(There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.) |
|---|
| Availability Impact | Complete(There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.) |
|---|
| Access Complexity | Low(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. ) |
|---|
| Authentication | Not required(Authentication is not required to exploit the vulnerability.) |
|---|
| Gained Access | None |
|---|
| Vulnerability Type(s) | Execute Code |
|---|
| CWE ID | 787 |
|---|
|
- Products Affected By CVE-2018-4937 | # | Product Type | Vendor | Product | Version | Update | Edition | Language |
|---|
No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. |
- References For CVE-2018-4937 http://www.securityfocus.com/bid/103708
BID 103708 Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities Release Date:2018-04-16 | https://security.gentoo.org/glsa/201804-11
GENTOO GLSA-201804-11 | http://www.securitytracker.com/id/1040648
SECTRACK 1040648 | https://access.redhat.com/errata/RHSA-2018:1119
REDHAT RHSA-2018:1119 | https://www.exploit-db.com/exploits/44529/
EXPLOIT-DB 44529 | https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
|
|
- Metasploit Modules Related To CVE-2018-4937There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)
|