Skip to main content

Adobe Flash Player SWF Data Processing Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 7 Jun 2010 5415 Views

RISK: Medium Risk

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing malformed data within a SWF file, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted file.

Note: This vulnerability is currently being exploited in the wild.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player version 10.0.45.2 and prior (Windows, Macintosh, Linux and Solaris)
  • Adobe Flash Player version 9.0.262 and prior (Windows, Macintosh, Linux and Solaris)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Flash Player 10.1 Release Candidate :
http://labs.adobe.com/technologies/flashplayer10/


Vulnerability Identifier


Source


Related Link