Think you have a false positive on this rule?

Sid 1-46598

Message

FILE-FLASH Adobe Flash Player ASnative MovieClip type confusion attempt

Summary

This event is generated when an attacker attempts to exploit CVE-2018-4944.

Impact

Attempted User Privilege Gain

CVE-2018-4944:

CVSS base score 9.8

CVSS impact score 5.9

CVSS exploitability score 3.9

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

CVE-2018-4945:

CVSS base score 8.8

CVSS impact score 5.9

CVSS exploitability score 2.8

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2018-4944: Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

CVE-2018-4945: Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Affected systems

  • adobe flash_player 29.0.0.140
  • redhat enterpriselinuxdesktop 6.0
  • redhat enterpriselinuxserver 6.0
  • redhat enterpriselinuxworkstation 6.0
  • adobe flash_player 29.0.0.171
  • adobe flashplayerdesktop_runtime 29.0.0.171

Ease of attack

CVE-2018-4944:

Access Vector

Access Complexity

Authentication

CVE-2018-4945:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • helpx.adobe.com/security/products/flash-player/APSB18-16.html
  • helpx.adobe.com/security/products/flash-player/APSB18-19.html