Adobe Flash Player Unspecified Remote Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 28 May 2008 5266 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by an unspecified memory corruption error when processing a malformed SWF file, which could be exploited by attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a specially crafted web page.

Note:
It has been observed that this issue is being actively exploited in the wild.Continued investigation reveals that this issue is fairly widespread. Malicious code is being injected into other third-party domains, most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player version 9.0.124.0 and prior

Solutions

There is no patch available for this vulnerability currently.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

FileZilla GnuTLS Multiple Vulnerabilities

22 May 2008 5385 Views

Next

Samba "receive_smb_raw()" Remote Buffer Overflow Vulnerability

29 May 2008 5313 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY