فا

‫ Adobe Flash Player Multiple Vulnerabilities

IRCAD2014093504

ID: IRCAD2014093504

Release Date: 2014-09-08

Criticality level: Highly critical

Software:
Adobe Flash Player 11.x
Adobe Flash Player 13.x
Description:

Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) Some unspecified errors can be exploited to leak memory and subsequently bypass memory address randomization.

2) An unspecified error can be exploited to bypass certain security restrictions.

3) A use-after-free error can be exploited to execute arbitrary code.

4) Multiple unspecified errors can be exploited to corrupt memory.

5) An unspecified error can be exploited to bypass the same origin policy.

6) An unspecified error can be exploited to cause a heap-based buffer overflow.

Successful exploitation of the vulnerabilities #4 and #6 may allow execution of arbitrary code.

The vulnerabilities are reported in the following products and versions:

* Adobe Flash Player Extended Support Release versions 13.0.0.241 and prior running on Windows and Macintosh

* Adobe Flash Player version 11.2.202.400 running on Linux

Solution

Update to a fixed version.

References:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 19 شهریور 1393

امتیاز

امتیاز شما
تعداد امتیازها:0