‫ Adobe Flash Player / AIR Two Vulnerabilities

IRCAD2013123038
ID: IRCAD2013123038
Release Date: 2013-12-10
Criticality level: Highly critical
 
Software:
Adobe AIR 3.x
Adobe Flash Player 11.x
 
Description:
Two vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.
1) A type confusion error exists.
2) A use-after-free error when unloading the Flash Player module can be exploited to dereference already freed memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in following versions and products:
* Adobe Flash Player versions 11.9.900.152 and prior for Windows and Macintosh
* Adobe Flash Player versions 11.2.202.327 and prior for Linux
* Adobe AIR versions 3.9.0.1210 and prior for Windows, Macintosh, and Android
* Adobe AIR SDK & Compiler versions 3.9.0.1210 and prior
 
Solution
Update to a fixed version.
 
References:
Adobe:
Reversing on Windows:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 24 آذر 1392

امتیاز

امتیاز شما
تعداد امتیازها:0