Adobe Flash Player Integer Underflow Vulnerability

Last Update Date: 7 Feb 2014 Release Date: 5 Feb 2014 4753 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Graphics & Design

TYPE: Graphics & Design

A vulnerability was identified in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system.

 

A remote user can create specially crafted content that, when loaded by the target user, will trigger an integer underflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.

 

NOTE: The vulnerability was currently being exploited in the wild.

Impact

  • Remote Code Execution

System / Technologies affected

  • 12.0.0.43 and prior; other versions affected
  • (Updated 7/2/2014) Flash player embedded with Internet Explorer in Windows 8, 8.1 and Server 2012
  • (Updated 7/2/2014) Google Chrome versions prior to 32.0.1700.107

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix.
    • 11.2.202.336 for Linux;
    • 11.7.700.261 and 12.0.0.44 for Windows and Macintosh
    • (Updated 7/2/2014) Apply updates for Windows 8, 8.1 and Server 2012
    • (Updated 7/2/2014) Update to Google Chrome version 32.0.1700.107

Vulnerability Identifier

Source

Related Link

Share with

Previous

OpenLDAP Deny of Service Vulnerability

5 Feb 2014 4027 Views

Next

Adobe Shockwave Player Multiple Memory Corruption Vulnerabilities

12 Feb 2014 4300 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY