Home > Vulnerability Database > CVE-2018-4944

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2018-4944

Date: May 19, 2018

Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Severity Score

9.8

Related Resources (8)

Url: https://helpx.adobe.com/security/products/flash-player/apsb18-16.html

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2018-4944

Url: http://www.securityfocus.com/bid/104101

Url: http://www.securitytracker.com/id/1040840

Url: https://security.gentoo.org/glsa/201806-02

Url: https://nvd.nist.gov/vuln/detail/CVE-2018-4944

Url: https://access.redhat.com/errata/RHSA-2018:1367

Url: https://www.mend.io/vulnerability-database/CVE-2018-4944

Severity Score

9.8

Weakness Type (CWE)

Incorrect Type Conversion or Cast

CWE-704

CVSS v3

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us