Adobe Flash Player SWF Data Processing Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 7 Jun 2010 5242 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing malformed data within a SWF file, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted file.

Note: This vulnerability is currently being exploited in the wild.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player version 10.0.45.2 and prior (Windows, Macintosh, Linux and Solaris)
  • Adobe Flash Player version 9.0.262 and prior (Windows, Macintosh, Linux and Solaris)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Flash Player 10.1 Release Candidate :
http://labs.adobe.com/technologies/flashplayer10/

Vulnerability Identifier

Source

Related Link

Share with

Previous

Adobe InDesign CS3 INDD File Handling Buffer Overflow Vulnerability

7 Jun 2010 5345 Views

Next

OpenOffice.org Code Execution and Security Bypass Vulnerabilities

8 Jun 2010 5276 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY