Log in to Your Red Hat Account

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

Customer Portal

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Select Your Language

Warning message

This translation is outdated. For the most up-to-date information, please refer to the English version.

CVE-2018-4877

Impact:: Critical
Public Date:: 2018-02-01
CWE:: CWE-416

Bugzilla:: 1541981: CVE-2018-4877 CVE-2018-4878 flash-plugin: 解放済みメモリー使用によるリモートのコード実行 (APSB18-03)

The MITRE CVE dictionary describes this issue as:

Adobe Flash Player の 28.0.0.161 よりも前のバージョンで、解放済みメモリー使用の脆弱性が発見されました。この脆弱性は、サービス機能の質に関連する Primetime SDK の付随的ポインターが原因となっています。

Find out more about CVE-2018-4877 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score	8.8
CVSS3 Base Metrics	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector	Network
Attack Complexity	Low
Privileges Required	None
User Interaction	Required
Scope	Unchanged
Confidentiality	High
Integrity Impact	High
Availability Impact	High

Red Hat Security Errata

Platform	Errata	Release Date
Red Hat Enterprise Linux Supplementary (v. 6) (flash-plugin)	RHSA-2018:0285	2018-02-07

External References

https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

Last Modified 2018-03-06T03:46:19+00:00

CVE description copyright © 2017, The MITRE Corporation