Think you have a false positive on this rule?

Sid 1-47530

Message

FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt

Summary

This event is generated when an attacker attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player.

Impact

Attempted User Privilege Gain

CVE-2018-12824:

CVSS base score 5.9

CVSS impact score 3.6

CVSS exploitability score 2.2

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Detailed information

Rule checks for attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player. CVE-2018-12824: Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Affected systems

  • adobe flash_player 30.0.0.154
  • adobe flashplayerdesktop_runtime 30.0.0.154
  • redhat enterpriselinuxdesktop 6.0
  • redhat enterpriselinuxserver 6.0
  • redhat enterpriselinuxworkstation 6.0

Ease of attack

CVE-2018-12824:

Access Vector

Access Complexity

Authentication

False positives

Not known

False negatives

Not known

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • helpx.adobe.com/security/products/flash-player/APSB18-25.html