Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2018-15982 | Adobe Flash Player Use-After-Free Vulnerability | primary_impact | T1105 | Ingress Tool Transfer |
Comments
This vulnerability is exploited via a maliciously-crafted Word document, which then extracts the adversary's RAT tool.
References
|
| CVE-2018-15982 | Adobe Flash Player Use-After-Free Vulnerability | exploitation_technique | T1204.002 | Malicious File |
Comments
This vulnerability is exploited via a maliciously-crafted Word document, which then extracts the adversary's RAT tool.
References
|