Vulnerability CVE-2018-4878


Published: 2018-02-06

Description:
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

See advisories in our WLB2 database:
Topic
Author
Date
High
Adobe Flash 28.0.0.137 Remote Code Execution
SyFi
05.04.2018

Type:

CWE-416

(Use After Free)

Vendor: Adobe
Product: Flash player 
Version:
9.125.0
9.0.9.0
9.0.8.0
9.0.48.0
9.0.47.0
9.0.45.0
9.0.31.0
9.0.31
9.0.283.0
9.0.280
9.0.28.0
9.0.28
9.0.277.0
9.0.262.0
9.0.260.0
9.0.246.0
9.0.20.0
9.0.20
9.0.18d60
9.0.16
9.0.159.0
9.0.155.0
9.0.152.0
9.0.151.0
9.0.125.0
9.0.124.0
9.0.115.0
9.0.114.0
9.0.112.0
9.0
8.0.42.0
8.0.39.0
8.0.35.0
8.0.34.0
8.0.33.0
8.0.24.0
8.0.22.0
8.0
7.2
7.1.1
7.1
7.0.73.0
7.0.70.0
7.0.69.0
7.0.68.0
7.0.67.0
7.0.66.0
7.0.63
7.0.61.0
7.0.60.0
7.0.53.0
7.0.25
7.0.24.0
7.0.19.0
7.0.14.0
7.0.1
7.0
6.0.79
6.0.21.0
6
5
4
3
26.0.0.137
24.0.0.221
24.0.0.194
24.0.0.186
23.0.0.207
23.0.0.185
22.0.0.211
22.0.0.192
21.0.0.97
21.0.0.242
21.0.0.226
21.0.0.213
20.0.0.306
20.0.0.286
20.0.0.235
20.0.0.228
2
19.0.0.245
19.0.0.226
19.0.0.207
19.0.0.185
18.0.0.366
18.0.0.360
18.0.0.352
18.0.0.343
18.0.0.333
18.0.0.326
18.0.0.324
18.0.0.268
18.0.0.261
18.0.0.209
See more versions on NVD
Vendor: Redhat
Product: Enterprise linux server 
Version: 6.0;
Product: Enterprise linux desktop 
Version: 6.0;
Product: Enterprise linux workstation 
Version: 6.0;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html
http://www.securityfocus.com/bid/102893
http://www.securitytracker.com/id/1040318
https://access.redhat.com/errata/RHSA-2018:0285
https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign
https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day
https://github.com/vysec/CVE-2018-4878
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/
https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/
https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139
https://www.exploit-db.com/exploits/44412/
https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets

Related CVE
CVE-2017-1002152
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.
CVE-2018-6179
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a cra...
CVE-2018-6178
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.
CVE-2018-6175
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6174
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2018-6173
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6172
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6170
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Copyright 2019, cxsecurity.com

 

Back to Top