‫ Adobe Flash Player / AIR Two Vulnerabilities

IRCAD2014083466

ID: IRCAD2014083466

Release Date: 2014-08-12

Criticality level: Highly critical

Software:
Adobe AIR 14.x
Adobe Flash Player 11.x
Adobe Flash Player 14.x
Description:

Two vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) An unspecified error can be exploited to bypass certain security restrictions.

2) A use-after-free error can be exploited to corrupt memory.

Successful exploitation of this vulnerability may allow the execution of arbitrary code.

The vulnerabilities are reported in the following versions and products:

* Adobe Flash Player for Windows and Macintosh versions 14.0.0.145 and prior.

* Adobe Flash Player for Linux versions 11.2.202.394 and prior.

* Adobe AIR versions 14.0.0.110 and prior.

* Adobe AIR for Android, AIR SDK, and AIR SDK & Compiler versions 14.0.0.137 and prior.

Solution

Update to a fixed version.

References:

APSB14-18:

Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 مرداد 1393

امتیاز

امتیاز شما
تعداد امتیازها:0