1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe Flash Player Use-After-Free Vulnerability

Known Exploited Vulnerabilities CVE-2018-15982 Mappings

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2018-15982 Adobe Flash Player Use-After-Free Vulnerability primary_impact T1105 Ingress Tool Transfer
Comments
This vulnerability is exploited via a maliciously-crafted Word document, which then extracts the adversary's RAT tool.
References
  1. https://securityaffairs.com/78712/hacking/cve-2018-15982-flash-zero-day.html
CVE-2018-15982 Adobe Flash Player Use-After-Free Vulnerability exploitation_technique T1204.002 Malicious File
Comments
This vulnerability is exploited via a maliciously-crafted Word document, which then extracts the adversary's RAT tool.
References
  1. https://securityaffairs.com/78712/hacking/cve-2018-15982-flash-zero-day.html