Security Advisory - August 14, 2018
Zscaler protects against 3 new vulnerabilities for Adobe Flash Player
Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 3 vulnerabilities included in the August 2018 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections as necessary.
APSB18-25 – Security updates available for Flash Player
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address important vulnerabilities in Adobe Flash Player 184.108.40.206 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- Adobe Flash Player Desktop Runtime 220.127.116.11 and earlier versions
- Adobe Flash Player for Google Chrome 18.104.22.168 and earlier versions
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 22.214.171.124 and earlier versions
CVE-2018-12824 – Adobe Flash Player Out of Bounds Read Vulnerability
This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the ID3 string decoding. A malformed “COMM” string input leads to flawed computation that involves pointer offset arithmetic which does not adequately account for the buffer boundaries. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
CVE-2018-12825 – Adobe Flash Player Security Bypass Vulnerability
This vulnerability is an instance of a security bypass vulnerability. Specifically, the vulnerability exists in the mechanism that handles Flash content embedded within an Office document that can allow bypass of click-to play security mechanism.
CVE-2018-12826 – Adobe Flash Player Out of Bounds Read Vulnerability
The vulnerability is caused by the computation that reads data past the end of the intended buffer; the computation is part of the ActionScript 3 VM that handles native code constructor calls. Crafted SWF input triggers the flawed computation where pointer arithmetic is not appropriately checked against boundary conditions, which leads to memory write operation through the pointer that points to an invalid memory location. The vulnerability is a result of out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to leak sensitive data (e.g., memory addresses).