ByteOS Network

Vulnerability Details :

CVE-2018-4878

Summary

Assigner-adobe

Assigner Org ID-078d4453-3bcd-4900-85e6-15281da43538

Published At-06 Feb, 2018 | 20:00

Updated At-30 Jul, 2025 | 01:46

Adobe Flash Player Use-After-Free Vulnerability

Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Known Exploited Vulnerabilities (KEV)

cisa.gov

Vendor:

Adobe Inc.

Product:Flash Player

Added At:03 Nov, 2021

Due At:03 May, 2022

Adobe Flash Player Use-After-Free Vulnerability

Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.

Used in Ransomware

Known

CWE

CWE-416

Required Action:

The impacted product is end-of-life and should be disconnected if still in use.

Additional Notes:

https://nvd.nist.gov/vuln/detail/CVE-2018-4878

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:adobe

Assigner Org ID:078d4453-3bcd-4900-85e6-15281da43538

Published At:06 Feb, 2018 | 20:00

Updated At:30 Jul, 2025 | 01:46

▼CVE Numbering Authority (CNA)

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

Affected Products

Vendor

n/a

Product

Adobe Flash Player before 28.0.0.161

Versions

Affected

Adobe Flash Player before 28.0.0.161

Problem Types

Type	CWE ID	Description
text	N/A	use-after-free

Type: text

CWE ID: N/A

Description: use-after-free

References

Hyperlink	Resource
http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html	x_refsource_MISC
https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/	x_refsource_MISC
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html	x_refsource_MISC
https://access.redhat.com/errata/RHSA-2018:0285	vendor-advisory x_refsource_REDHAT
http://www.securitytracker.com/id/1040318	vdb-entry x_refsource_SECTRACK
http://www.securityfocus.com/bid/102893	vdb-entry x_refsource_BID
https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html	x_refsource_MISC
https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign	x_refsource_MISC
https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139	x_refsource_MISC
https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day	x_refsource_MISC
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets	x_refsource_MISC
https://github.com/vysec/CVE-2018-4878	x_refsource_MISC
https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/	x_refsource_MISC
https://www.exploit-db.com/exploits/44412/	exploit x_refsource_EXPLOIT-DB

Hyperlink: http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html

Resource:

x_refsource_MISC

Hyperlink: https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/

Resource:

x_refsource_MISC

Hyperlink: https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

Resource:

x_refsource_MISC

Hyperlink: https://access.redhat.com/errata/RHSA-2018:0285

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.securitytracker.com/id/1040318

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://www.securityfocus.com/bid/102893

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html

Resource:

x_refsource_MISC

Hyperlink: https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign

Resource:

x_refsource_MISC

Hyperlink: https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139

Resource:

x_refsource_MISC

Hyperlink: https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day

Resource:

x_refsource_MISC

Hyperlink: https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets

Resource:

x_refsource_MISC

Hyperlink: https://github.com/vysec/CVE-2018-4878

Resource:

x_refsource_MISC

Hyperlink: https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/

Resource:

x_refsource_MISC

Hyperlink: https://www.exploit-db.com/exploits/44412/

Resource:

exploit

x_refsource_EXPLOIT-DB

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html	x_refsource_MISC x_transferred
https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/	x_refsource_MISC x_transferred
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html	x_refsource_MISC x_transferred
https://access.redhat.com/errata/RHSA-2018:0285	vendor-advisory x_refsource_REDHAT x_transferred
http://www.securitytracker.com/id/1040318	vdb-entry x_refsource_SECTRACK x_transferred
http://www.securityfocus.com/bid/102893	vdb-entry x_refsource_BID x_transferred
https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html	x_refsource_MISC x_transferred
https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign	x_refsource_MISC x_transferred
https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139	x_refsource_MISC x_transferred
https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day	x_refsource_MISC x_transferred
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets	x_refsource_MISC x_transferred
https://github.com/vysec/CVE-2018-4878	x_refsource_MISC x_transferred
https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/	x_refsource_MISC x_transferred
https://www.exploit-db.com/exploits/44412/	exploit x_refsource_EXPLOIT-DB x_transferred

Hyperlink: http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://access.redhat.com/errata/RHSA-2018:0285

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.securitytracker.com/id/1040318

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://www.securityfocus.com/bid/102893

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day

Resource:

x_refsource_MISC

x_transferred

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://github.com/vysec/CVE-2018-4878

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://www.exploit-db.com/exploits/44412/

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

2. CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-416	CWE-416 Use After Free

Type: CWE

CWE ID: CWE-416

Description: CWE-416 Use After Free

Metrics

Version	Base score	Base severity	Vector
3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metrics Other Info

kev

dateAdded:

2021-11-03

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4878

Timeline

Event	Date
CVE-2018-4878 added to CISA KEV	2021-11-03 00:00:00

Event: CVE-2018-4878 added to CISA KEV

Date: 2021-11-03 00:00:00

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:psirt@adobe.com

Published At:06 Feb, 2018 | 21:29

Updated At:13 Feb, 2025 | 17:38

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2021-11-03	2022-05-03	Adobe Flash Player Use-After-Free Vulnerability	The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2021-11-03

Due Date: 2022-05-03

Vulnerability Name: Adobe Flash Player Use-After-Free Vulnerability

Required Action: The impacted product is end-of-life and should be disconnected if still in use.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

Adobe Inc.

>>flash_player>>Versions before 28.0.0.161(exclusive)

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>-

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>-

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows>>-

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_desktop>>6.0

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server>>6.0

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_workstation>>6.0

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Adobe Inc.

>>flash_player>>Versions before 28.0.0.161(exclusive)

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*

Adobe Inc.

>>flash_player>>Versions before 28.0.0.161(exclusive)

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*

Microsoft Corporation

>>windows_10>>*

cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_8.1>>*

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

Adobe Inc.

>>flash_player>>Versions before 28.0.0.161(exclusive)

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*

Apple Inc.

>>macos>>-

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Google LLC

>>chrome_os>>-

cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>-

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows>>-

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-416	Primary	nvd@nist.gov
CWE-416	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-416

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-416

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html	psirt@adobe.com	Technical Description Third Party Advisory
http://www.securityfocus.com/bid/102893	psirt@adobe.com	Broken Link
http://www.securitytracker.com/id/1040318	psirt@adobe.com	Broken Link
https://access.redhat.com/errata/RHSA-2018:0285	psirt@adobe.com	Third Party Advisory
https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign	psirt@adobe.com	Third Party Advisory
https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day	psirt@adobe.com	Third Party Advisory
https://github.com/vysec/CVE-2018-4878	psirt@adobe.com	Third Party Advisory
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html	psirt@adobe.com	Vendor Advisory
https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/	psirt@adobe.com	Exploit Third Party Advisory
https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/	psirt@adobe.com	Third Party Advisory
https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139	psirt@adobe.com	Press/Media Coverage Third Party Advisory
https://www.exploit-db.com/exploits/44412/	psirt@adobe.com	Exploit Third Party Advisory VDB Entry
https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html	psirt@adobe.com	Third Party Advisory
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets	psirt@adobe.com	Technical Description Third Party Advisory
http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html	af854a3a-2127-422b-91ae-364da2661108	Technical Description Third Party Advisory
http://www.securityfocus.com/bid/102893	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.securitytracker.com/id/1040318	af854a3a-2127-422b-91ae-364da2661108	Broken Link
https://access.redhat.com/errata/RHSA-2018:0285	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://github.com/vysec/CVE-2018-4878	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory
https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139	af854a3a-2127-422b-91ae-364da2661108	Press/Media Coverage Third Party Advisory
https://www.exploit-db.com/exploits/44412/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets	af854a3a-2127-422b-91ae-364da2661108	Technical Description Third Party Advisory

Hyperlink: http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html

Source: psirt@adobe.com

Resource:

Technical Description

Third Party Advisory

Hyperlink: http://www.securityfocus.com/bid/102893

Source: psirt@adobe.com

Resource:

Broken Link

Hyperlink: http://www.securitytracker.com/id/1040318

Source: psirt@adobe.com

Resource:

Broken Link

Hyperlink: https://access.redhat.com/errata/RHSA-2018:0285

Source: psirt@adobe.com

Resource:

Third Party Advisory

Hyperlink: https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign

Source: psirt@adobe.com

Resource:

Third Party Advisory

Hyperlink: https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash-DRM-UAF-0day

Source: psirt@adobe.com

Resource:

Third Party Advisory

Hyperlink: https://github.com/vysec/CVE-2018-4878

Source: psirt@adobe.com

Resource:

Third Party Advisory

Hyperlink: https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

Source: psirt@adobe.com

Resource:

Vendor Advisory

Hyperlink: https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/

Source: psirt@adobe.com

Resource:

Exploit

Third Party Advisory

Hyperlink: https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/

Source: psirt@adobe.com

Resource:

Third Party Advisory

Hyperlink: https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappears-in-malicious-word-files/d/d-id/1331139

Source: psirt@adobe.com

Resource:

Press/Media Coverage

Third Party Advisory

Hyperlink: https://www.exploit-db.com/exploits/44412/

Source: psirt@adobe.com

Resource:

Exploit

Third Party Advisory

VDB Entry

Hyperlink: https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html

Source: psirt@adobe.com

Resource:

Third Party Advisory

Source: psirt@adobe.com

Resource:

Technical Description

Third Party Advisory

Hyperlink: http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html