Windows : Microsoft Bulletins : Microsoft IE And Microsoft Edge Flash Player Security Update (KB4093110)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.813210

Category: Windows : Microsoft Bulletins

Title: Microsoft IE And Microsoft Edge Flash Player Security Update (KB4093110)

Summary: This host is missing a critical security; update according to Microsoft KB4093110.

Description: Summary:
This host is missing a critical security
update according to Microsoft KB4093110.

Vulnerability Insight:
- A remote code execution (RCE) vulnerability that occurs due to a use-after-free
condition.

- Multiple RCE vulnerabilities that occur due to an
out-of-bounds write error.

- Multiple information disclosure vulnerabilities that occur due to an
out-of-bounds read error.

- An information disclosure vulnerability that occurs due to a heap overflow
condition.

Vulnerability Impact:
Successful exploitation will allow an
attacker to gain th control of the affected system. Depending on the
privileges associated with this application, an attacker could then install
programs, view, change, or delete data, or create new accounts with full
user rights.

Affected Software/OS:
- Microsoft Windows 10 Version 1511

- Microsoft Windows 10 Version 1607

- Microsoft Windows 10 Version 1703

- Microsoft Windows 10 Version 1709

- Microsoft Windows 8.1

- Microsoft Windows Server 2012/2012 R2/2016

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-4932
BugTraq ID: 103708
http://www.securityfocus.com/bid/103708
https://security.gentoo.org/glsa/201804-11
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
RedHat Security Advisories: RHSA-2018:1119
https://access.redhat.com/errata/RHSA-2018:1119
http://www.securitytracker.com/id/1040648
Common Vulnerability Exposure (CVE) ID: CVE-2018-4933
Common Vulnerability Exposure (CVE) ID: CVE-2018-4934
https://www.exploit-db.com/exploits/44528/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4935
https://www.exploit-db.com/exploits/44527/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4936
https://www.exploit-db.com/exploits/44526/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4937
https://www.exploit-db.com/exploits/44529/

Copyright Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.813210
Category:	Windows : Microsoft Bulletins
Title:	Microsoft IE And Microsoft Edge Flash Player Security Update (KB4093110)
Summary:	This host is missing a critical security; update according to Microsoft KB4093110.
Description:	Summary: This host is missing a critical security update according to Microsoft KB4093110. Vulnerability Insight: - A remote code execution (RCE) vulnerability that occurs due to a use-after-free condition. - Multiple RCE vulnerabilities that occur due to an out-of-bounds write error. - Multiple information disclosure vulnerabilities that occur due to an out-of-bounds read error. - An information disclosure vulnerability that occurs due to a heap overflow condition. Vulnerability Impact: Successful exploitation will allow an attacker to gain th control of the affected system. Depending on the privileges associated with this application, an attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Affected Software/OS: - Microsoft Windows 10 Version 1511 - Microsoft Windows 10 Version 1607 - Microsoft Windows 10 Version 1703 - Microsoft Windows 10 Version 1709 - Microsoft Windows 8.1 - Microsoft Windows Server 2012/2012 R2/2016 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-4932 BugTraq ID: 103708 http://www.securityfocus.com/bid/103708 https://security.gentoo.org/glsa/201804-11 https://helpx.adobe.com/security/products/flash-player/apsb18-08.html RedHat Security Advisories: RHSA-2018:1119 https://access.redhat.com/errata/RHSA-2018:1119 http://www.securitytracker.com/id/1040648 Common Vulnerability Exposure (CVE) ID: CVE-2018-4933 Common Vulnerability Exposure (CVE) ID: CVE-2018-4934 https://www.exploit-db.com/exploits/44528/ Common Vulnerability Exposure (CVE) ID: CVE-2018-4935 https://www.exploit-db.com/exploits/44527/ Common Vulnerability Exposure (CVE) ID: CVE-2018-4936 https://www.exploit-db.com/exploits/44526/ Common Vulnerability Exposure (CVE) ID: CVE-2018-4937 https://www.exploit-db.com/exploits/44529/
Copyright	Copyright (C) 2018 Greenbone AG