Adobe Flash Player Remote Code Execution Vulnerability

Last Update Date: 21 Feb 2014 11:56 Release Date: 21 Feb 2014 4234 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

A vulnerability was identified in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system.


A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system.

  1. A stack overflow may occur.
  2. A memory leak may occur, allowing a remote user to bypass memory address layout randomization.
  3. A double free memory error may occur. This vulnerability is being actively exploited.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.336 and earlier versions for Linux
  • Adobe AIR 4.0.0.1390 and earlier versions for Android
  • Adobe AIR 3.9.0.1390 SDK and earlier versions
  • Adobe AIR 3.9.0.1390 SDK & Compiler and earlier versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Internet Explorer Use-After-Free Vulnerability

17 Feb 2014 4498 Views

Next

Kloxo SQL Injection Vulnerability

24 Feb 2014 4307 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY