Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174

A Zero-Day vulnerability in VBScript was disclosed to Microsoft. The vulnerability was discovered as an active attack in the wild. The bug is in the VBScript engine used in Windows. Its classified as a Use-After-Free (UAF) vulnerability. CVE-2017-8174 is assigned to track this bug. Currently attackers are exploiting this vulnerability to execute shellcode and PowerShell … Continue reading “Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174”

Adobe Flash Player Zero-Day Vulnerability: CVE-2018-4878

A Zero Day vulnerability in Adobe Flash player has been discovered in the wild. The bug is a use after free vulnerability in the  Adobe Flash MediaPlayer DRM management API, it can be exploited to achieve remote code execution. CVE-2018-4878 has been assigned to track this vulnerability. The affected versions are Adobe Flash Player ActiveX … Continue reading “Adobe Flash Player Zero-Day Vulnerability: CVE-2018-4878”