FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt
This event is generated when an attacker attempts to exploit a vulnerability in Adobe Flash. Impact: Attempted User Privilege Gain Details: Ease of Attack:
No public information
No known false positives
Cisco Talos Intelligence Group
Tactic:
Technique:
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
CVE-2018-15982Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. |
|