Versions of Adobe Flash Player prior to 28.0.0.161 are unpatched for multiple vulnerabilities :
- A vulnerability exists due to a dangling pointer in the Primetime SDK related to media player’s quality of service functionality. A successful attack can lead to arbitrary code execution. (CVE-2018-4877)
- A vulnerability exists due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution.