9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.04 Low
EPSS
Percentile
91.9%
Severity: Critical
Date : 2018-06-09
CVE-ID : CVE-2018-4945 CVE-2018-5000 CVE-2018-5001 CVE-2018-5002
Package : flashplugin
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-716
The package flashplugin before version 30.0.0.113-1 is vulnerable to
multiple issues including arbitrary code execution and information
disclosure.
Upgrade to 30.0.0.113-1.
The problems have been fixed upstream in version 30.0.0.113.
None.
A type confusion issue has been found in Adobe Flash Player before
30.0.0.113, leading to arbitrary code execution.
An integer overflow issue has been found in Adobe Flash Player before
30.0.0.113, leading to information disclosure.
An out-of-bounds read has been found in Adobe Flash Player before
30.0.0.113, leading to information disclosure.
A stack-based buffer overflow has been found in Adobe Flash Player
before 30.0.0.113, leading to arbitrary code execution.
A remote attacker can access sensitive information or execute arbitrary
code via a crafted Flash file.
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
https://security.archlinux.org/CVE-2018-4945
https://security.archlinux.org/CVE-2018-5000
https://security.archlinux.org/CVE-2018-5001
https://security.archlinux.org/CVE-2018-5002
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ArchLinux | any | any | flashplugin | < 30.0.0.113-1 | UNKNOWN |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.04 Low
EPSS
Percentile
91.9%