CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability

On November 20, Adobe officially released the Security updates available for Flash Player, which fixes a critical vulnerability in this products. The details about the vulnerability have already been made public. Successful exploitation does allow arbitrary code execution. Widespread exploitation may be imminent.

Vulnerability Overview:

Adobe has released a security update for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates resolve an information disclosure vulnerability in Adobe Flash Player 31.0.0.148 and earlier.

Affected Version

Product Version Platform
Adobe Flash Player Desktop Runtime 31.0.0.148 and earlier versions Windows, macOS and Linux
Adobe Flash Player for Google Chrome 31.0.0.148 and earlier versions Windows, macOS, Linux and Chrome OS
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 31.0.0.148 and earlier versions Windows 10 and 8.1

 

Vulnerability Category Vulnerability Impact Severity CVE Number
Type Confusion Arbitrary code execution Critical CVE-2018-15981

Solution

Adobe has released a new version to fix the above vulnerability; users should upgrade your software as soon as possible.