Flash Player爆出UAF远程代码执行漏洞0Day漏洞CVE-2018-4878
2018-06-11 来源:
近日,Adobe Flash Player爆出UAF 远程代码执行漏洞 0Day漏洞 ,CVE编号CVE-2018-4878,攻击者可以利用此问题,在运行受影响应用程序的用户的上下文中执行任意代码,失败的攻击尝试还可能导致 DoS攻击 ,Adobe Flash Player 28.0.0.137及之前版本均受影响。SecurityFocus及绿盟科技发布预警通告,相关信息如下
CVE-2018-4878漏洞概要
针对CVE-2018-4878漏洞情况,安全加整理了相关内容如下,这些内容可能来自于CVE-2018-4878涉及厂商、CVE-2018-4878漏洞信息发布组织、CVE、SecurityFocus及其它第三方组织。
CVE-2018-4878漏洞标识
- CVE ID:CVE-2018-4878
- BUGTRAQ ID:102893
- 漏洞涉及厂商漏洞库ID:【漏洞涉及厂商漏洞库ID】
- CNNVD ID:【CNNVD漏洞编号】
- 绿盟科技漏洞库ID:38890
CVE-2018-4878漏洞相关链接
【增补中】
- 百度链接:https://www.baidu.com/s?wd=CVE-2018-4878
- 绿盟科技漏洞库链接:http://www.nsfocus.net/vulndb/{绿盟科技漏洞库ID}
- SecurityFocus链接:https://www.securityfocus.com/bid/102893
- CVE链接:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4878
CVE-2018-4878漏洞描述
【增补中】
CVE评价该漏洞
CVE目前处于保留状态
** RESERVED ** This candidate has been reserved by an organization or inpidual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
SecurityFocus评价该漏洞
Adobe Flash Player CVE-2018-4878 UAF远程代码执行漏洞
Adobe Flash播放器容易出现未指定的远程代码执行漏洞。攻击者可以利用此问题在运行受影响应用程序的用户的上下文中执行任意代码。失败的攻击尝试可能会导致拒绝服务条件。
Adobe Flash Player 28.0.0.137及之前版本均受影响
Bugtraq ID: | 102893 |
Class: | Unknown |
CVE: | CVE-2018-4878 |
Remote: | Yes |
Local: | No |
Published: | Feb 01 2018 12:00AM |
Updated: | Feb 01 2018 12:00AM |
Credit: | KrCERT/CC |
Vulnerable: |
Adobe Flash Player 16.0 235 Adobe Flash Player 14.0 179 Adobe Flash Player 14.0 177 Adobe Flash Player 14.0 176 Adobe Flash Player 13.0 259 Adobe Flash Player 13.0 252 Adobe Flash Player 13.0 214 Adobe Flash Player 13.0 182 Adobe Flash Player 12.0 70 Adobe Flash Player 11.7.700 275 Adobe Flash Player 11.7.700 232 Adobe Flash Player 11.7.700 169 Adobe Flash Player 11.6.602 105 Adobe Flash Player 11.5.502 131 Adobe Flash Player 11.5.502 124 Adobe Flash Player 11.5.502 118 Adobe Flash Player 11.5.500 80 Adobe Flash Player 11.4.400 231 Adobe Flash Player 11.3.300 271 Adobe Flash Player 11.3.300 270 Adobe Flash Player 11.3.300 268 Adobe Flash Player 11.3.300 265 Adobe Flash Player 11.3.300 262 Adobe Flash Player 11.3.300 257 Adobe Flash Player 11.3.300 250 Adobe Flash Player 11.3.300 231 Adobe Flash Player 11.3.300 214 Adobe Flash Player 11.2.202 95 Adobe Flash Player 11.2.202 425 Adobe Flash Player 11.2.202 418 Adobe Flash Player 11.2.202 400 Adobe Flash Player 11.2.202 359 Adobe Flash Player 11.2.202 350 Adobe Flash Player 11.2.202 346 Adobe Flash Player 11.2.202 341 Adobe Flash Player 11.2.202 297 Adobe Flash Player 11.2.202 280 Adobe Flash Player 11.2.202 238 Adobe Flash Player 11.2.202 236 Adobe Flash Player 11.2.202 221 Adobe Flash Player 11.2.202 197 Adobe Flash Player 11.2.202 160 Adobe Flash Player 11.1.115 69 Adobe Flash Player 11.1.115 54 Adobe Flash Player 11.1.111 64 Adobe Flash Player 11.1.111 50 Adobe Flash Player 11.0.1 98 Adobe Flash Player 11.0.1 60 Adobe Flash Player 11.0.1 129 Adobe Flash Player 10.1.53 .64 Adobe Flash Player 10.1.51 .66 Adobe Flash Player 10.0.45 2 Adobe Flash Player 10.0.32 18 Adobe Flash Player 10.0.22 .87 Adobe Flash Player 10.0.15 .3 Adobe Flash Player 10.0.12 .36 Adobe Flash Player 10.0.12 .35 Adobe Flash Player 9.0.262 Adobe Flash Player 9.0.246 0 Adobe Flash Player 9.0.152 .0 Adobe Flash Player 9.0.151 .0 Adobe Flash Player 9.0.124 .0 Adobe Flash Player 9.0.9.0 Adobe Flash Player 9.0.8.0 Adobe Flash Player 9.0.48.0 Adobe Flash Player 9.0.47.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.289.0 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.0.280 Adobe Flash Player 9.0.28.0 Adobe Flash Player 9.0.277.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.0.260.0 Adobe Flash Player 9.0.246.0 Adobe Flash Player 9.0.159.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 9.0.115.0 Adobe Flash Player 9 Adobe Flash Player 8.0.35.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 8 Adobe Flash Player 7.61 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.0.70.0 Adobe Flash Player 7.0.69.0 Adobe Flash Player 7.0.68.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.66.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.0.14.0 Adobe Flash Player 7 Adobe Flash Player 6.0.79 Adobe Flash Player 6.0.21.0 Adobe Flash Player 4 Adobe Flash Player 3 Adobe Flash Player 28.0.0.137 Adobe Flash Player 28.0.0.126 Adobe Flash Player 27.0.0.187 Adobe Flash Player 27.0.0.170 Adobe Flash Player 27.0.0.159 Adobe Flash Player 27.0.0.130 Adobe Flash Player 26.0.0.151 Adobe Flash Player 26.0.0.137 Adobe Flash Player 26.0.0.131 Adobe Flash Player 26.0.0.126 Adobe Flash Player 26.0.0.120 Adobe Flash Player 25.0.0.171 Adobe Flash Player 25.0.0.163 Adobe Flash Player 25.0.0.148 Adobe Flash Player 25.0.0.127 Adobe Flash Player 24.0.0.221 Adobe Flash Player 24.0.0.194 Adobe Flash Player 24.0.0.186 Adobe Flash Player 23.0.0.207 Adobe Flash Player 23.0.0.205 Adobe Flash Player 23.0.0.185 Adobe Flash Player 23.0.0.162 Adobe Flash Player 22.0.0.192 Adobe Flash Player 21.0.0.242 Adobe Flash Player 21.0.0.241 Adobe Flash Player 21.0.0.226 Adobe Flash Player 21.0.0.216 Adobe Flash Player 21.0.0.213 Adobe Flash Player 21.0.0.197 Adobe Flash Player 21.0.0.182 Adobe Flash Player 21.0 Adobe Flash Player 20.0.0.306 Adobe Flash Player 20.0.0.286 Adobe Flash Player 20.0.0.272 Adobe Flash Player 20.0.0.267 Adobe Flash Player 20.0.0.235 Adobe Flash Player 20.0.0.228 Adobe Flash Player 2 Adobe Flash Player 19.0.0.245 Adobe Flash Player 19.0.0.226 Adobe Flash Player 19.0.0.207 Adobe Flash Player 19.0.0.185 Adobe Flash Player 18.0.0.375 Adobe Flash Player 18.0.0.366 Adobe Flash Player 18.0.0.360 Adobe Flash Player 18.0.0.352 Adobe Flash Player 18.0.0.343 Adobe Flash Player 18.0.0.333 Adobe Flash Player 18.0.0.329 Adobe Flash Player 18.0.0.326 Adobe Flash Player 18.0.0.324 Adobe Flash Player 18.0.0.268 Adobe Flash Player 18.0.0.261 Adobe Flash Player 18.0.0.255 Adobe Flash Player 18.0.0.252 Adobe Flash Player 18.0.0.241 Adobe Flash Player 18.0.0.233 Adobe Flash Player 18.0.0.232 Adobe Flash Player 18.0.0.209 Adobe Flash Player 18.0.0.204 Adobe Flash Player 18.0.0.203 Adobe Flash Player 18.0.0.194 Adobe Flash Player 18.0.0.161 Adobe Flash Player 18.0.0.160 Adobe Flash Player 18.0.0.143 Adobe Flash Player 17.0.0.188 Adobe Flash Player 17.0.0.169 Adobe Flash Player 17.0.0.134 Adobe Flash Player 16.0.0.305 Adobe Flash Player 16.0.0.296 Adobe Flash Player 16.0.0.291 Adobe Flash Player 16.0.0.287 Adobe Flash Player 16.0.0.257 Adobe Flash Player 16.0.0.234 Adobe Flash Player 15.0.0.246 Adobe Flash Player 15.0.0.242 Adobe Flash Player 15.0.0.239 Adobe Flash Player 15.0.0.223 Adobe Flash Player 15.0.0.189 Adobe Flash Player 15.0.0.152 Adobe Flash Player 14.0.0.145 Adobe Flash Player 14.0.0.125 Adobe Flash Player 13.0.0.309 Adobe Flash Player 13.0.0.302 Adobe Flash Player 13.0.0.296 Adobe Flash Player 13.0.0.292 Adobe Flash Player 13.0.0.289 Adobe Flash Player 13.0.0.281 Adobe Flash Player 13.0.0.277 Adobe Flash Player 13.0.0.269 Adobe Flash Player 13.0.0.264 Adobe Flash Player 13.0.0.262 Adobe Flash Player 13.0.0.260 Adobe Flash Player 13.0.0.258 Adobe Flash Player 13.0.0.250 Adobe Flash Player 13.0.0.244 Adobe Flash Player 13.0.0.241 Adobe Flash Player 13.0.0.231 Adobe Flash Player 13.0.0.223 Adobe Flash Player 13.0.0.206 Adobe Flash Player 13.0.0.201 Adobe Flash Player 12.0.0.77 Adobe Flash Player 12.0.0.44 Adobe Flash Player 12.0.0.43 Adobe Flash Player 12.0.0.41 Adobe Flash Player 12.0.0.38 Adobe Flash Player 12 Adobe Flash Player 11.9.900.170 Adobe Flash Player 11.9.900.152 Adobe Flash Player 11.9.900.117 Adobe Flash Player 11.8.800.97 Adobe Flash Player 11.8.800.94 Adobe Flash Player 11.8.800.170 Adobe Flash Player 11.8.800.168 Adobe Flash Player 11.7.700.279 Adobe Flash Player 11.7.700.272 Adobe Flash Player 11.7.700.269 Adobe Flash Player 11.7.700.261 Adobe Flash Player 11.7.700.260 Adobe Flash Player 11.7.700.257 Adobe Flash Player 11.7.700.252 Adobe Flash Player 11.7.700.242 Adobe Flash Player 11.7.700.225 Adobe Flash Player 11.7.700.224 Adobe Flash Player 11.7.700.203 Adobe Flash Player 11.7.700.202 Adobe Flash Player 11.6.602.180 Adobe Flash Player 11.6.602.171 Adobe Flash Player 11.6.602.168 Adobe Flash Player 11.6.602.167 Adobe Flash Player 11.5.502.149 Adobe Flash Player 11.5.502.146 Adobe Flash Player 11.5.502.136 Adobe Flash Player 11.5.502.135 Adobe Flash Player 11.5.502.110 Adobe Flash Player 11.4.402.287 Adobe Flash Player 11.4.402.278 Adobe Flash Player 11.4.402.265 Adobe Flash Player 11.3.378.5 Adobe Flash Player 11.3.31.230 Adobe Flash Player 11.3.300.273 Adobe Flash Player 11.2.202.644 Adobe Flash Player 11.2.202.635 Adobe Flash Player 11.2.202.632 Adobe Flash Player 11.2.202.626 Adobe Flash Player 11.2.202.621 Adobe Flash Player 11.2.202.616 Adobe Flash Player 11.2.202.577 Adobe Flash Player 11.2.202.569 Adobe Flash Player 11.2.202.559 Adobe Flash Player 11.2.202.554 Adobe Flash Player 11.2.202.548 Adobe Flash Player 11.2.202.540 Adobe Flash Player 11.2.202.535 Adobe Flash Player 11.2.202.521 Adobe Flash Player 11.2.202.508 Adobe Flash Player 11.2.202.491 Adobe Flash Player 11.2.202.481 Adobe Flash Player 11.2.202.468 Adobe Flash Player 11.2.202.466 Adobe Flash Player 11.2.202.460 Adobe Flash Player 11.2.202.457 Adobe Flash Player 11.2.202.451 Adobe Flash Player 11.2.202.442 Adobe Flash Player 11.2.202.440 Adobe Flash Player 11.2.202.438 Adobe Flash Player 11.2.202.429 Adobe Flash Player 11.2.202.424 Adobe Flash Player 11.2.202.411 Adobe Flash Player 11.2.202.406 Adobe Flash Player 11.2.202.394 Adobe Flash Player 11.2.202.378 Adobe Flash Player 11.2.202.356 Adobe Flash Player 11.2.202.336 Adobe Flash Player 11.2.202.335 Adobe Flash Player 11.2.202.332 Adobe Flash Player 11.2.202.327 Adobe Flash Player 11.2.202.310 Adobe Flash Player 11.2.202.291 Adobe Flash Player 11.2.202.285 Adobe Flash Player 11.2.202.275 Adobe Flash Player 11.2.202.273 Adobe Flash Player 11.2.202.270 Adobe Flash Player 11.2.202.262 Adobe Flash Player 11.2.202.261 Adobe Flash Player 11.2.202.258 Adobe Flash Player 11.2.202.251 Adobe Flash Player 11.2.202.243 Adobe Flash Player 11.2.202.238 Adobe Flash Player 11.2.202.235 Adobe Flash Player 11.2.202.233 Adobe Flash Player 11.2.202.229 Adobe Flash Player 11.2.202.228 Adobe Flash Player 11.2.202.223 Adobe Flash Player 11.1.115.81 Adobe Flash Player 11.1.115.8 Adobe Flash Player 11.1.115.7 Adobe Flash Player 11.1.115.63 Adobe Flash Player 11.1.115.6 Adobe Flash Player 11.1.115.59 Adobe Flash Player 11.1.115.58 Adobe Flash Player 11.1.115.48 Adobe Flash Player 11.1.115.34 Adobe Flash Player 11.1.115.11 Adobe Flash Player 11.1.112.61 Adobe Flash Player 11.1.111.9 Adobe Flash Player 11.1.111.8 Adobe Flash Player 11.1.111.73 Adobe Flash Player 11.1.111.7 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.111.54 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.111.44 Adobe Flash Player 11.1.111.10 Adobe Flash Player 11.1.102.63 Adobe Flash Player 11.1.102.62 Adobe Flash Player 11.1.102.59 Adobe Flash Player 11.1.102.55 Adobe Flash Player 11.1.102.228 Adobe Flash Player 11.1 Adobe Flash Player 11.0.1.153 Adobe Flash Player 11.0.1.152 Adobe Flash Player 11.0 Adobe Flash Player 11 Adobe Flash Player 10.3.186.7 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.2 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.24 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.22 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.3.183.86 Adobe Flash Player 10.3.183.75 Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.68 Adobe Flash Player 10.3.183.67 Adobe Flash Player 10.3.183.63 Adobe Flash Player 10.3.183.61 Adobe Flash Player 10.3.183.51 Adobe Flash Player 10.3.183.50 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.183.48 Adobe Flash Player 10.3.183.43 Adobe Flash Player 10.3.183.4 Adobe Flash Player 10.3.183.29 Adobe Flash Player 10.3.183.25 Adobe Flash Player 10.3.183.23 Adobe Flash Player 10.3.183.20 Adobe Flash Player 10.3.183.19 Adobe Flash Player 10.3.183.18 Adobe Flash Player 10.3.183.16 Adobe Flash Player 10.3.183.15 Adobe Flash Player 10.3.183.11 Adobe Flash Player 10.3.183.10 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.26 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.22 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.2.154.28 Adobe Flash Player 10.2.154.27 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.24 Adobe Flash Player 10.2.154.18 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.26 Adobe Flash Player 10.2.152.21 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.52.14 Adobe Flash Player 10.1.106.17 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.1 Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10.0.2.54 Adobe Flash Player 10 |
Not Vulnerable: |
绿盟科技评价该漏洞
当地时间2月1日,北京时间2月2日,Adobe Flash Player被发现存在一个0-day漏洞(CVE-2018-4878),并且已被攻击者利用,该漏洞影响目前所有版本。攻击者可以诱使用户打开包含恶意Flash代码的Microsoft Office文档,网页,垃圾电子邮件等。恶意代码被认为是嵌入在MS Word文档中的Flash SWF文件中。
Adobe也发布通告表示CVE-2018-4878的漏洞利用已经存在,将在2月5日的补丁中修复该漏洞。
相关链接:
https://www.bleepingcomputer.com/news/security/new-adobe-flash-zero-day-spotted-in-the-wild/
https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
受影响的版本
Adobe Flash Player <= 28.0.0.137
不受影响的版本
目前版本均受影响,Adobe将于2月5日更新补丁。
CVE-2018-4878漏洞影响范围
CVE-2018-4878漏洞涉及厂商
macromedia
CVE-2018-4878漏洞涉及产品
Adobe Flash Player
CVE-2018-4878漏洞影响版本
Adobe Flash Player <= 28.0.0.137
CVE-2018-4878漏洞解决方案
【增补中】
{CVE-2018-4878漏洞涉及厂商}声明
【增补中】
绿盟科技声明
Adobe官方2月1日发布通告表示该漏洞将于2月5日的补丁中修复。在此之前用户可以考虑禁用或卸载Flash Player,或者使用受保护的视图打开Microsoft Office文档。
在补丁发布后,用户应该及时下载更新进行防护。
- 检查当前版本:
访问网站 http://www.adobe.com/software/flash/about/ ,则会提示当前系统中的Adobe Flash Player版本。
- 更新安装新版本:
在官方发布新版本之后,访问 https://get.adobe.com/flashplayer ,取消可选程序安装(下图红框所示),点击右下角的立即安装即可进行更新。
参考链接:
https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
CVE-2018-4878漏洞安全加声明
本页信息用以描述CVE-2018-4878漏洞的信息,这些信息便于您对CVE-2018-4878漏洞进行快速阅读并了解相关信息。如下信息如有空缺,则CVE-2018-4878漏洞相关内容正在增补中,如果您知悉相关内容或者如下内容有异议,可以联系站长:安全加QQ:468215215;Weixin:gnaw0725
CVE-2018-4878漏洞相关内容
CVE-2018-4878漏洞相关漏洞
漏洞列表
CVE-2018-4878漏洞相关文章
转自:安全加
链接: http://toutiao.secjia.com/cve-2018-1142
标签: https 安全 代码 电子邮件 漏洞 网站 问题 用户
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点!
本站所提供的图片等素材,版权归原作者所有,如需使用,请与原作者联系。