Skip to main content

Adobe Flash Player / AIR Multiple Vulnerabilities

Last Update Date: 13 Mar 2013 15:46 Release Date: 13 Mar 2013 4278 Views

RISK: High Risk

TYPE: Clients - Graphics & Design

TYPE: Graphics & Design

Multiple vulnerabilities have been identified in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.

  1. An integer overflow error can be exploited to execute arbitrary code.
  2. A use-after-free error can be exploited to dereference already freed memory.
  3. An unspecified error can be exploited to cause memory corruption.
  4. An unspecified error can be exploited to cause a heap-based buffer overflow.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player versions 11.6.602.171 and prior for Windows and Macintosh 
  • Adobe Flash Player versions 11.2.202.273 and prior for Linux
  • Adobe Flash Player versions 11.1.115.47 and prior for Android 4.x
  • Adobe Flash Player versions 11.1.111.43 and prior for Android 3.x and 2.x
  • Adobe AIR versions 3.6.0.597 and prior
  • Adobe AIR SDK versions 3.6.0.597 and prior
  • Adobe AIR SDK & Compiler versions 3.6.0.599 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to fixed version

Vulnerability Identifier


Source


Related Link