Sid 1-47530

Report a false positive

Rule Category

FILE-MULTIMEDIA -- Snort detected traffic targeting vulnerabilities in multimedia files (mp3, movies, wmv, etc.).

Alert Message

FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt

Rule Explanation

This event is generated when an attacker attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player. Impact: Attempted User Privilege Gain Details: Rule checks for attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player. Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

CVE-2018-12824

Additional Links

helpx.adobe.com/security/products/flash-player/APSB18-25.html

Rule Vulnerability

CVE Additional Information

CVE-2018-12824
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Details
Severity Base Score5.9
Impact Score3.6 Exploit Score2.2
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access

Affected Systems