Think you have a false positive on this rule?

Sid 1-48401

Message

FILE-FLASH Adobe Flash Player out of bounds read attempt

Summary

This event is generated when a Flash file that exploits the vulnerability outlined in CVE-2018-15978 is detected.

Impact

Out of bounds read

CVE-2018-15978:

CVSS base score 7.5

CVSS impact score 3.6

CVSS exploitability score 3.9

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Detailed information

CVE-2018-15978: Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Affected systems

  • adobe flash_player 31.0.0.122
  • adobe flashplayerdesktop_runtime 31.0.0.122
  • redhat enterpriselinuxdesktop 6.0
  • redhat enterpriselinuxserver 6.0
  • redhat enterpriselinuxworkstation 6.0

Ease of attack

CVE-2018-15978:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References