CVE-2018-5002 – Adobe Flash Player Stack Buffer Overflow Vulnerability Alert!
Credit to Author: Sameer Patil| Date: Fri, 08 Jun 2018 09:59:53 +0000
Estimated reading time: 1 minuteThe recent zero-day vulnerability CVE-2018-5002 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-19 on June 7, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in limited, targeted attacks and it impacts limited Windows users. Vulnerable versions Adobe Flash Player 29.0.0.171 and prior versions for Desktop Runtime, Google Chrome, Microsoft Edge and Internet Explorer 11 About the vulnerability This is a stack buffer overflow vulnerability in Adobe Flash player which allows attackers to perform a Arbitrary Code Execution on targeted machines. After successful exploitation, attackers can take control of the vulnerable systems and download and execute malware on them. This is a stack buffer overflow vulnerability in Adobe Flash player which allows attackers to perform a Arbitrary Code Execution on targeted machines. After successful exploitation, attackers can take control of the vulnerable systems and download and execute malware on them. Reportedly, the vulnerability is currently being exploited in the wild through a malicious Office document. This office document is an initial attack vector which further downloads and executes malicious Flash file. According to the advisory, the malicious office document was distributed through email. Quick Heal detection Quick Heal has released the following detection for the vulnerability CVE-2018-5002: Exp.SWF.CVE-2018-5002 Exp.XLS.CVE-2018-5002 Quick Heal Security Labs is actively looking for new in-the-wild exploits for this vulnerability and ensuring coverage for them. References https://helpx.adobe.com/security/products/flash-player/apsb18-19.html Subject Matter Experts Sameer Patil | Quick Heal Security Labs The post CVE-2018-5002 – Adobe Flash Player Stack Buffer Overflow Vulnerability Alert! appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.
http://blogs.quickheal.com/feed/