CVE-2019-7096
Published: 23 May 2019
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Priority
Status
Package | Release | Status |
---|---|---|
adobe-flashplugin Launchpad, Ubuntu, Debian |
bionic |
Released
(1:20190409.1-0ubuntu0.18.04.1)
|
cosmic |
Released
(1:20190409.1-0ubuntu0.18.10.1)
|
|
disco |
Released
(1:20190409.1-0ubuntu1)
|
|
trusty |
Released
(1:20190409.1-0ubuntu0.14.04.1)
|
|
upstream |
Released
(32.0.0.171)
|
|
xenial |
Released
(1:20190409.1-0ubuntu0.16.04.1)
|
|
flashplugin-nonfree Launchpad, Ubuntu, Debian |
bionic |
Released
(32.0.0.171ubuntu0.18.04.1)
|
cosmic |
Released
(32.0.0.171ubuntu0.18.10.1)
|
|
disco |
Released
(32.0.0.171ubuntu1)
|
|
trusty |
Released
(32.0.0.171ubuntu0.14.04.1)
|
|
upstream |
Released
(32.0.0.171)
|
|
xenial |
Released
(32.0.0.171ubuntu0.16.04.1)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |