CVE-2018-15982
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- August 28, 2018
- Published Date
- January 18, 2019
- Last Updated
- February 04, 2025
- Vendor
- Adobe
- Product
- Flash Player
- Description
- Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
- Tags
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
CVSS Scores
CVSS v3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
SSVC Information
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-02-15 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
SyFi/CVE-2018-15982
Type: github • Created: 2018-12-20 02:40:22 UTC • Stars: 5
scanfsec/CVE-2018-15982
Type: github • Created: 2018-12-12 04:07:08 UTC • Stars: 28
jas502n/CVE-2018-15982_EXP_IE
Type: github • Created: 2018-12-12 02:41:31 UTC • Stars: 11
Ridter/CVE-2018-15982_EXP
Type: github • Created: 2018-12-10 04:53:31 UTC • Stars: 181
Ormicron/CVE-2018-15982_PoC
Type: github • Created: 2018-12-06 09:24:47 UTC • Stars: 14
FlatL1neAPT/CVE-2018-15982
Type: github • Created: 2018-12-05 23:41:37 UTC • Stars: 0
Timeline
-
CVE ID Reserved
-
Proof of Concept Exploit Available
-
CVE Published to Public
-
Exploit Used in Malware
-
Added to KEVIntel