Lucene search

K
redhatRedHatRHSA-2018:1827
HistoryJun 11, 2018 - 12:45 p.m.

(RHSA-2018:1827) Critical: flash-plugin security update

2018-06-1112:45:39
access.redhat.com
61

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.031

Percentile

91.1%

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update upgrades Flash Player to version 30.0.0.113.

Security Fix(es):

  • flash-plugin: Arbitrary Code Execution vulnerability (APSB18-19) (CVE-2018-4945)

  • flash-plugin: Arbitrary Code Execution vulnerability (APSB18-19) (CVE-2018-5002)

  • flash-plugin: Information Disclosure vulnerabilities (APSB18-19) (CVE-2018-5000, CVE-2018-5001)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat6i686flash-plugin< 30.0.0.113-1.el6_9flash-plugin-30.0.0.113-1.el6_9.i686.rpm

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.031

Percentile

91.1%