UBUNTU-CVE-2018-5002

Source
https://ubuntu.com/security/CVE-2018-5002
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-5002.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-5002
Related
  • CVE-2018-5002
Published
2018-07-09T19:29:00Z
Modified
2025-01-27T16:42:16Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

References

Affected packages

Ubuntu:14.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@30.0.0.113ubuntu0.14.04.1?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
30.0.0.113ubuntu0.14.04.1

Affected versions

11.*

11.2.202.310ubuntu1
11.2.202.327ubuntu0.13.10.1
11.2.202.332ubuntu1
11.2.202.335ubuntu1
11.2.202.336ubuntu1
11.2.202.341ubuntu1
11.2.202.346ubuntu1
11.2.202.350ubuntu1
11.2.202.356ubuntu0.14.04.1
11.2.202.359ubuntu0.14.04.1
11.2.202.378ubuntu0.14.04.1
11.2.202.394ubuntu0.14.04.1
11.2.202.400ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.1
11.2.202.406ubuntu0.14.04.2
11.2.202.411ubuntu0.14.04.1
11.2.202.418ubuntu0.14.04.1
11.2.202.424ubuntu0.14.04.1
11.2.202.425ubuntu0.14.04.1
11.2.202.429ubuntu0.14.04.1
11.2.202.438ubuntu0.14.04.1
11.2.202.440ubuntu0.14.04.1
11.2.202.442ubuntu0.14.04.1
11.2.202.451ubuntu0.14.04.1
11.2.202.457ubuntu0.14.04.1
11.2.202.460ubuntu0.14.04.1
11.2.202.466ubuntu0.14.04.1
11.2.202.468ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.1
11.2.202.481ubuntu0.14.04.2
11.2.202.491ubuntu0.14.04.1
11.2.202.508ubuntu0.14.04.1
11.2.202.521ubuntu0.14.04.1
11.2.202.535ubuntu0.14.04.1
11.2.202.540ubuntu0.14.04.2
11.2.202.548ubuntu0.14.04.1
11.2.202.554ubuntu0.14.04.1
11.2.202.559ubuntu0.14.04.1
11.2.202.569ubuntu0.14.04.1
11.2.202.577ubuntu0.14.04.1
11.2.202.616ubuntu0.14.04.1
11.2.202.621ubuntu0.14.04.1
11.2.202.626ubuntu0.14.04.1
11.2.202.632ubuntu0.14.04.1
11.2.202.635ubuntu0.14.04.1
11.2.202.637ubuntu0.14.04.1
11.2.202.643ubuntu0.14.04.1
11.2.202.644ubuntu0.14.04.1

24.*

24.0.0.186ubuntu0.14.04.1
24.0.0.194ubuntu0.14.04.1
24.0.0.221ubuntu0.14.04.1

25.*

25.0.0.127ubuntu0.14.04.1
25.0.0.148ubuntu0.14.04.1
25.0.0.171ubuntu0.14.04.1

26.*

26.0.0.126ubuntu0.14.04.1
26.0.0.131ubuntu0.14.04.1
26.0.0.137ubuntu0.14.04.1
26.0.0.151ubuntu0.14.04.1

27.*

27.0.0.130ubuntu0.14.04.1
27.0.0.159ubuntu0.14.04.1
27.0.0.170ubuntu0.14.04.1
27.0.0.183ubuntu0.14.04.1
27.0.0.187ubuntu0.14.04.1

28.*

28.0.0.126ubuntu0.14.04.1
28.0.0.137ubuntu0.14.04.1
28.0.0.161ubuntu0.14.04.1

29.*

29.0.0.113ubuntu0.14.04.1
29.0.0.140ubuntu0.14.04.1
29.0.0.171ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "30.0.0.113ubuntu0.14.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "30.0.0.113ubuntu0.14.04.1",
            "binary_name": "flashplugin-installer"
        }
    ]
}

Ubuntu:16.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@30.0.0.113ubuntu0.16.04.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
30.0.0.113ubuntu0.16.04.1

Affected versions

11.*

11.2.202.540ubuntu2
11.2.202.548ubuntu1
11.2.202.554ubuntu1
11.2.202.559ubuntu1
11.2.202.569ubuntu1
11.2.202.577ubuntu1
11.2.202.616ubuntu1
11.2.202.621ubuntu0.16.04.1
11.2.202.626ubuntu0.16.04.1
11.2.202.632ubuntu0.16.04.1
11.2.202.635ubuntu0.16.04.1
11.2.202.637ubuntu0.16.04.1
11.2.202.643ubuntu0.16.04.1
11.2.202.644ubuntu0.16.04.1

24.*

24.0.0.186ubuntu0.16.04.1
24.0.0.194ubuntu0.16.04.1
24.0.0.221ubuntu0.16.04.1

25.*

25.0.0.127ubuntu0.16.04.1
25.0.0.148ubuntu0.16.04.1
25.0.0.171ubuntu0.16.04.1

26.*

26.0.0.126ubuntu0.16.04.1
26.0.0.131ubuntu0.16.04.1
26.0.0.137ubuntu0.16.04.1
26.0.0.151ubuntu0.16.04.1

27.*

27.0.0.130ubuntu0.16.04.1
27.0.0.159ubuntu0.16.04.1
27.0.0.170ubuntu0.16.04.1
27.0.0.183ubuntu0.16.04.1
27.0.0.187ubuntu0.16.04.1

28.*

28.0.0.126ubuntu0.16.04.1
28.0.0.137ubuntu0.16.04.1
28.0.0.161ubuntu0.16.04.1

29.*

29.0.0.113ubuntu0.16.04.1
29.0.0.140ubuntu0.16.04.1
29.0.0.171ubuntu0.16.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "30.0.0.113ubuntu0.16.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "30.0.0.113ubuntu0.16.04.1",
            "binary_name": "flashplugin-installer"
        }
    ]
}

Ubuntu:18.04:LTS / flashplugin-nonfree

Package

Name
flashplugin-nonfree
Purl
pkg:deb/ubuntu/flashplugin-nonfree@30.0.0.113ubuntu0.18.04.1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
30.0.0.113ubuntu0.18.04.1

Affected versions

27.*

27.0.0.170ubuntu1
27.0.0.187ubuntu1

28.*

28.0.0.126ubuntu1
28.0.0.137ubuntu1
28.0.0.161ubuntu1
28.0.0.161ubuntu2
28.0.0.161ubuntu3

29.*

29.0.0.113ubuntu1
29.0.0.140ubuntu1
29.0.0.171ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "30.0.0.113ubuntu0.18.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "30.0.0.113ubuntu0.18.04.1",
            "binary_name": "flashplugin-installer"
        }
    ]
}