Endpoint Vulnerability

Security Vulnerabilities in APSA18-01 for Adobe Flash Player

Description

A critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.Adobe addressed this vulnerability in version 28.0.0.161, released on February 6, 2018. See thisbulletinfor more details.

Affected Products

Adobe Flash Player NPAPI plug-in for Firefox

References

CVE-2018-4878,