FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt
This event is generated when an attacker attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player.
Attempted User Privilege Gain
CVSS base score 5.9
CVSS impact score 3.6
CVSS exploitability score 2.2
Confidentiality Impact HIGH
Integrity Impact NONE
Availability Impact NONE
Rule checks for attempts to exploit an out-of-bounds read vulnerability in Adobe Flash Player.
CVE-2018-12824: Adobe Flash Player 220.127.116.11 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- adobe flash_player 18.104.22.168
- adobe flashplayerdesktop_runtime 22.214.171.124
- redhat enterpriselinuxdesktop 6.0
- redhat enterpriselinuxserver 6.0
- redhat enterpriselinuxworkstation 6.0
Ease of attack
- Cisco's Talos Intelligence Group