Adobe Flash Player Multiple Vulnerabilities

Last Update Date: 16 Mar 2015 10:50 Release Date: 16 Mar 2015 3759 Views

RISK: High Risk

High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in Adobe Flash Player, which can be exploited by remote attacker to cause remote code execution and bypass security restrictions.

  • A remote user can bypass same-origin domain policy.
  • A remote user can bypass file upload restrictions.
  • A remote user can create a specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
  • Some memory corruption errors may occur.
  • Some type confusion errors may occur.
  • An integer overflow may occur.
  • Some use-after-free memory errors may occur.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Adobe Flash Player 13.0.0.269 and earlier 13.x versions
  • Adobe Flash Player 16.0.0.305 and earlier versions
  • Adobe Flash Player 11.2.202.442 and earlier 11.x versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to Version 17.0.0.134, ESR 13.0.0.277, 11.2.202.451 for Linux

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Schannel Security Feature Bypass Vulnerability

11 Mar 2015 3844 Views

Next

D-Link DCS-93xL Model Family Unrestricted Upload Vulnerability

17 Mar 2015 3705 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY