Zscaler protects against 2 new vulnerabilities for Adobe Flash Player.

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 2 vulnerabilities included in the February 2018 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections as necessary.

APSB18-03 – Security updates available for Adobe Flash Player.

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Severity: Critical

Affected Software

• Adobe Flash Player Desktop Runtime 28.0.0.137 and earlier for Windows, Macintosh and Linux
• Adobe Flash Player for Google Chrome 28.0.0.137 and earlier for Windows, Macintosh, Linux and Chrome OS
• Adobe Flash Player for Microsoft Edge and Internet Explorer 11 28.0.0.137 and earlier for Windows 10 and 8.1

CVE-2018-4878 – Use After Free vulnerability

This vulnerability is an instance of a use after free vulnerability in Primetime SDK. This vulnerability occurs due to dangling pointer in the Primetime SDK related to the handling of listener objects. The vulnerability is triggered by a crafted SWF file which leads to a temporal safety violation if it is possible to perform read / write dereferences on the dangling pointer to a listener object. This instance causes access violation exception because of the computation within the SWF that dereferences the dangling pointer. A constraint for exploitation of this vulnerability is that the memory area of the freed (i.e., old) listener object is reused by another listener object. The mismatch between the old and the new object can provide attacker with an unintended memory access. Successful exploitation could lead to arbitrary code execution.

CVE-2018-4877 – Use After Free vulnerability

This vulnerability is due to a dangling pointer that leads to a use after free vulnerability in the Primetime SDK, related to media player’s quality of service functionality. Specifically, the vulnerability is triggered by a crafted SWF file which leads to a temporal safety violation if it is possible to perform read / write dereferences on the dangling pointer. This instance causes access violation exception because of the computation within the SWF that dereferences the dangling pointer in the QOS provider object. A constraint for exploitation of this vulnerability is that the memory area of the freed (i.e., old) media player object is reused by another media player object. The mismatch between the old and the new object can provide attacker with an unintended memory access. Successful exploitation could lead to arbitrary code execution.