Adobe Flash MediaPlayer DRM Use-After-Free Vulnerability |
Tags
| country: | South Korea |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Brute Force - T1110 |
Common Information
| Type | Value |
|---|---|
| UUID | a3898322-5421-4e1f-8fce-8b4b0f1f9250 |
| Fingerprint | 95920c84c9e56681 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 7, 2018, midnight |
| Added to db | June 5, 2023, 10:54 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Adobe Flash MediaPlayer DRM Use-After-Free Vulnerability |
| Title | Adobe Flash MediaPlayer DRM Use-After-Free Vulnerability | |
| Detected Hints/Tags/Attributes | 41/3/63 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 137 | ✔ | InQuest | https://inquest.net/blog/rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 92 | cve-2018-4878 |
|
| Details | CVE | 59 | cve-2015-5119 |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 150 | www.w3.org |
|
| Details | Domain | 57 | adobe.com |
|
| Details | Domain | 12 | w3.org |
|
| Details | Domain | 4 | openxmlformats.org |
|
| Details | Domain | 368 | microsoft.com |
|
| Details | Domain | 3 | purl.org |
|
| Details | Domain | 5 | www.dylboiler.co.kr |
|
| Details | Domain | 1 | 1588-2040.co.kr |
|
| Details | Domain | 3 | www.1588-2040.co.kr |
|
| Details | Domain | 2 | www.korea-tax.info |
|
| Details | Domain | 9 | www.krcert.or.kr |
|
| Details | Domain | 11 | secnoticeview.do |
|
| Details | Domain | 260 | helpx.adobe.com |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 184 | www.fireeye.com |
|
| Details | Domain | 55 | otx.alienvault.com |
|
| Details | Domain | 37 | blog.alyac.co.kr |
|
| Details | Domain | 14 | www.flashpoint-intel.com |
|
| Details | Domain | 31 | blog.morphisec.com |
|
| Details | File | 6 | activex1.bin |
|
| Details | File | 4 | manager.php |
|
| Details | File | 31 | image.php |
|
| Details | File | 2 | product_old.jpg |
|
| Details | File | 1 | korea-tax.inf |
|
| Details | File | 6 | local.php |
|
| Details | File | 2 | apsa18-01.html |
|
| Details | File | 4 | group-123-goes-wild.html |
|
| Details | File | 2 | attacks-leveraging-adobe-zero-day.html |
|
| Details | File | 2 | apsb18-03.html |
|
| Details | Github username | 13 | inquest |
|
| Details | Github username | 6 | mdsecactivebreach |
|
| Details | sha256 | 1 | 14c58e3894258c54e12d52d0fba0aafa258222ce9223a1fdc8a946fd169d8a12 |
|
| Details | sha256 | 2 | 3b1395f620e428c5f68c6497a2338da0c4f749feb64e8f12e4c5b1288cc57a1c |
|
| Details | sha256 | 1 | 88d7aa1612756e2e70e4972d3f6a80517515f5274b38d4601357f954e207f294 |
|
| Details | sha256 | 2 | fec71b8479f3a416fa58580ae76a8c731c2294c24663c601a1267e0e5c2678a0 |
|
| Details | sha256 | 1 | 1a3269253784f76e3480e4b3de312dfee878f99045ccfd2231acb5ba57d8ed0d |
|
| Details | sha256 | 2 | e1546323dc746ed2f7a5c973dcecc79b014b68bdd8a6230239283b4f775f4bbd |
|
| Details | IPv4 | 11 | 28.0.0.137 |
|
| Details | IPv4 | 9 | 28.0.0.161 |
|
| Details | Url | 1 | http://purl.or |
|
| Details | Url | 1 | http://purl.org/dc/dcmitype |
|
| Details | Url | 2 | http://purl.org/dc/elements/1.1 |
|
| Details | Url | 1 | http://purl.org/dc/terms |
|
| Details | Url | 3 | http://www.dylboiler.co.kr/admincenter/files/boad/4/manager.php |
|
| Details | Url | 1 | http://1588-2040.co.kr/design/m/images/image/image.php |
|
| Details | Url | 2 | http://www.1588-2040.co.kr/conf/product_old.jpg |
|
| Details | Url | 2 | http://www.korea-tax.info/main/local.php |
|
| Details | Url | 3 | https://www.krcert.or.kr/data/secnoticeview.do?bulletin_writing_sequence=26998 |
|
| Details | Url | 1 | https://helpx.adobe.com/security/products/flash-player/apsa18-01.html |
|
| Details | Url | 2 | http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html |
|
| Details | Url | 2 | https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html |
|
| Details | Url | 1 | https://otx.alienvault.com/pulse/5a7437b59de8422ad47fc161 |
|
| Details | Url | 3 | http://blog.alyac.co.kr/1521 |
|
| Details | Url | 1 | https://blog.malwarebytes.com/cybercrime/2018/02/new-flash-player-zero-day-comes-inside-office-document |
|
| Details | Url | 1 | https://www.flashpoint-intel.com/blog/targeted-attacks-south-korean-entities |
|
| Details | Url | 1 | http://blog.morphisec.com/adobe-flash-zero-day-prevented-by-morphisec-cve-2018-4878 |
|
| Details | Url | 1 | https://helpx.adobe.com/security/products/flash-player/apsb18-03.html |
|
| Details | Url | 1 | https://blog.morphisec.com/cve-2018-4878-an-analysis-of-the-flash-player-hack |
|
| Details | Url | 1 | https://www.mdsec.co.uk/2018/02/adobe-flash-exploitation-then-and-now-from-cve-2015-5119-to-cve-2018-4878 |
|
| Details | Url | 1 | https://github.com/mdsecactivebreach/cve-2018-4878 |