COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2018-4878

CVE-2018-4878

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-4878
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Players implicated

Adobe · vendorFlash Player · product

Description

Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Affected FedRAMP products 8 in the catalog

ProductProviderStatusMatch
Adobe Acrobat Sign for Government Adobe Authorized vendor-exact · 0.90
Adobe Analytics Adobe Authorized vendor-exact · 0.90
Adobe Campaign Adobe Authorized vendor-exact · 0.90
Adobe Connect Managed Services (ACMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Creative Cloud for Enterprise Adobe Authorized vendor-exact · 0.90
Adobe Document Cloud (PDF Services & Adobe Sign) Adobe Authorized vendor-exact · 0.90
Adobe Experience Manager Managed Services (AEMMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Learning Manager Adobe Authorized vendor-exact · 0.90