Описание
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1:20180206.1-0ubuntu0.17.10.1 |
| devel | not-affected | 1:20180206.1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:20180206.1-0ubuntu0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 1:20180206.1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:20180206.1-0ubuntu0.14.04.1] |
| upstream | released | 28.0.0.161 |
| xenial | released | 1:20180206.1-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 28.0.0.161ubuntu0.17.10.1 |
| devel | released | 28.0.0.161ubuntu1 |
| esm-apps/xenial | released | 28.0.0.161ubuntu0.16.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [28.0.0.161ubuntu0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 28.0.0.161ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [28.0.0.161ubuntu0.14.04.1] |
| upstream | released | 28.0.0.161 |
| xenial | released | 28.0.0.161ubuntu0.16.04.1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
Уязвимость программной платформы Flash Player, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
7.5 High
CVSS2
7.8 High
CVSS3