Adobe Flash Player Multiple Vulnerabilities

Last Update Date: 28 Feb 2013 Release Date: 27 Feb 2013 4465 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system.

  1. A remote user can create a specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
  2. A buffer overflow may occur in the Flash Player broker service.
  3. A permission error may occur in the Flash Player Firefox sandbox.
  4. A flaw may occur in the ExternalInterface ActionScript feature.

Note: The last two vulnerabilities are being actively exploited against Mozilla Firefox.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player versions prior to 11.6.602.171
  • Adobe Flash Player bundled in Google Chrome
  • Adobe Flash Player bundled in Internet Explorer 10 for Windows 8, Windows Server 2012 and Windows RT

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (10.3.183.67, 11.6.602.171; 11.2.202.273 for Linux; 11.6.602.171 for Chrome; 11.6.602.171 for IE 10).
    For Chrome and IE 10 users, please apply the software update from the browser.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Cisco ASA NAT Connections Table Memory Exhaustion Vulnerability

27 Feb 2013 4396 Views

Next

Cisco Products Multiple Vulnerabilities

1 Mar 2013 4994 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY