Authors:Google Security Research Risk：High CVE：CVE-2018-4936 0day:Arbitrary Code Execution 0day -id:0DAY-17598 Date：2018-04-25
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.Â These updates addresscriticalvulnerabilities in Adobe Flash Player 188.8.131.52 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
The attached fuzzed swf file causes heap overflow when playing a sound.
This PoC crashes a little bit unreliably, it is the most reliable in the standalone Flash player and Microsoft Edge.