FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player ActionScript NetConnection type confusion attempt
This event is generated when an attacker attempts to exploit a type confusion vulnerability in Adobe Flash Player.
Attempted User Privilege Gain
Rule checks for attempts to exploit a type confusion vulnerability in Adobe Flash Player.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2018-5007Adobe Flash Player 184.108.40.206 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
||Ease of Access||