CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
On November 20, Adobe officially released the Security updates available for Flash Player, which fixes a critical vulnerability in this products. The details about the vulnerability have already been made public. Successful exploitation does allow arbitrary code execution. Widespread exploitation may be imminent.
Vulnerability Overview:
Adobe has released a security update for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates resolve an information disclosure vulnerability in Adobe Flash Player 31.0.0.148 and earlier.
Affected Version
Product | Version | Platform |
Adobe Flash Player Desktop Runtime | 31.0.0.148 and earlier versions | Windows, macOS and Linux |
Adobe Flash Player for Google Chrome | 31.0.0.148 and earlier versions | Windows, macOS, Linux and Chrome OS |
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 31.0.0.148 and earlier versions | Windows 10 and 8.1 |
Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
Type Confusion | Arbitrary code execution | Critical | CVE-2018-15981 |
Solution
Adobe has released a new version to fix the above vulnerability; users should upgrade your software as soon as possible.