TrendLabs: June Patch Tuesday: Microsoft Addresses DNS-related Vulnerability, Adobe Patches Critical Flash Player Flaw

... In addition to CVE-2018-8267, the following vulnerabilities were also disclosed via ZDI:

• CVE-2018-8207 – Windows Kernel Information Disclosure Vulnerability
• CVE-2018-8236 – Microsoft Edge Memory Corruption Vulnerability
• CVE-2018-8239 – Windows GDI Information Disclosure Vulnerability
• CVE-2018-8251 – Media Foundation Memory Corruption Vulnerability

In line with Microsoft’s release, Adobe also published their set of updates for vulnerabilities affecting Adobe Flash Player 29.0.0.171 and earlier versions in the APSB18-19 Security Bulletin. The most critical Flash Player vulnerability addressed is CVE-2018-5002, a stack-based buffer overflow that could result in remote code execution performed by an attacker. This vulnerability is reportedly being actively used in targeted attacks.

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/june-patch-tuesday-microsoft-addresses-dns-related-vulnerability-adobe-patches-critical-flash-player-flaw/