FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt
This event is generated when an attacker attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player.
Attempted User Privilege Gain
CVSS base score 5.9
CVSS impact score 3.6
CVSS exploitability score 2.2
Confidentiality Impact HIGH
Integrity Impact NONE
Availability Impact NONE
Rule checks for attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player.
CVE-2018-12824: Adobe Flash Player 18.104.22.168 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- adobe flash_player 22.214.171.124
- adobe flashplayerdesktop_runtime 126.96.36.199
- redhat enterpriselinuxdesktop 6.0
- redhat enterpriselinuxserver 6.0
- redhat enterpriselinuxworkstation 6.0
Ease of attack
- Cisco's Talos Intelligence Group