‫ Adobe Flash Player / AIR Multiple Vulnerabilities

IRCAD2013022482
ID: IRCAD2013022482
Release Date: 2013-02-12
Criticality level: Highly critical
 
Software:
Adobe AIR 3.x
Adobe Flash Player 11.x
 
Description:
Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
3) An integer overflow error can be exploited to execute arbitrary code.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
The vulnerabilities are reported in the following products and versions:
* Adobe Flash Player versions 11.5.502.149 and prior for Windows and Macintosh
* Adobe Flash Player versions 11.2.202.262 and prior for Linux
* Adobe Flash Player versions 11.1.115.37 and prior for Android 4.x
* Adobe Flash Player versions 11.1.111.32 and prior for Android 3.x and 2.x
* Adobe AIR versions 3.5.0.1060 and prior
* Adobe AIR versions 3.5.0.1060 SDK and prior
 
Solution
Update to a fixed version.
 
References:
Adobe (APSB13-05):
 
Secunia:
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 بهمن 1391

امتیاز

امتیاز شما
تعداد امتیازها:0