CVE-2019-7096
Published: 23 May 2019
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Priority
Status
Package | Release | Status |
---|---|---|
adobe-flashplugin Launchpad, Ubuntu, Debian |
upstream |
Released
(32.0.0.171)
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Released
(1:20190409.1-0ubuntu0.16.04.1)
|
|
bionic |
Released
(1:20190409.1-0ubuntu0.18.04.1)
|
|
cosmic |
Released
(1:20190409.1-0ubuntu0.18.10.1)
|
|
disco |
Released
(1:20190409.1-0ubuntu1)
|
|
flashplugin-nonfree Launchpad, Ubuntu, Debian |
upstream |
Released
(32.0.0.171)
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was needs-triage)
|
|
xenial |
Released
(32.0.0.171ubuntu0.16.04.1)
|
|
bionic |
Released
(32.0.0.171ubuntu0.18.04.1)
|
|
cosmic |
Released
(32.0.0.171ubuntu0.18.10.1)
|
|
disco |
Released
(32.0.0.171ubuntu1)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |