CVE-2018-4878
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.Related Threats
Exploit Kits
- RIG Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.rig-exploit-kit.html
- Fallout Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.fallout-exploit-kit.html
- ThreadKit Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.threadkit-exploit-kit.html
- Bizarro Sundown Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.bizarro-sundown-exploit-kit.html
- Magnitude Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.magnitude-exploit-kit.html
- Underminer Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.underminer-exploit-kit.html
Campaigns
- Operation Bankshot Turkish Financial Sector^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/campaigns-details.operation-bankshot-turkish-financial-sector.html
- Operation Korean Messenger^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/campaigns-details.operation-korean-messenger.html