Adobe Flash Player 多個漏洞
最後更新
2015年03月16日 10:50
發佈日期:
2015年03月16日
880
觀看次數
風險: 高度風險
類型: 用戶端 - 影音
Multiple vulnerabilities have been identified in Adobe Flash Player, which can be exploited by remote attacker to cause remote code execution and bypass security restrictions.
- A remote user can bypass same-origin domain policy.
- A remote user can bypass file upload restrictions.
- A remote user can create a specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
- Some memory corruption errors may occur.
- Some type confusion errors may occur.
- An integer overflow may occur.
- Some use-after-free memory errors may occur.
影響
- 遠端執行程式碼
- 繞過保安限制
受影響之系統或技術
- Adobe Flash Player 13.0.0.269 and earlier 13.x versions
- Adobe Flash Player 16.0.0.305 and earlier versions
- Adobe Flash Player 11.2.202.442 and earlier 11.x versions
解決方案
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to Version 17.0.0.134, ESR 13.0.0.277, 11.2.202.451 for Linux
漏洞識別碼
- CVE-2015-0332
- CVE-2015-0333
- CVE-2015-0334
- CVE-2015-0335
- CVE-2015-0336
- CVE-2015-0337
- CVE-2015-0338
- CVE-2015-0339
- CVE-2015-0340
- CVE-2015-0341
- CVE-2015-0342
資料來源
相關連結
分享至