TTCSIRT-086.020518: TT-CSIRT Advisory – Adobe Security Updates
Adobe reports that a vulnerability has been discovered in Adobe Flash Player that could allow for remote code execution. This vulnerability occurs due to a use-after-free error (CVE-2018-4878).
Depending on the privileges associated with this application, an attacker could then install programs, view, change, or delete data or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of this vulnerability could have less impact than if it was configured with administrative rights.
Further information on this vulnerability and how it can be mitigated can be found at https://www.cisecurity.org/advisory/a-vulnerability-in-adobe-flash-player-could-allow-for-remote-code-execution-apsa18-01_2018-016/ |