فا

‫ Adobe Flash Player / AIR Multiple Vulnerabilities

IRCAD2014053315

Number: IRCAD2014053315

Date: 2014/05/13

Criticality level: Highly critical

Software:

Adobe AIR 13.x

Adobe Flash Player 11.x

Adobe Flash Player 13.x

Description

Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) A use-after free error can be exploited to corrupt memory.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

2) An unspecified error can be exploited to bypass the same origin policy.

3) Multiple unspecified errors can be exploited to bypass certain security restrictions.

The vulnerabilities are reported in the following products and versions:

* Adobe Flash Player versions 13.0.0.206 and prior for Windows and Macintosh.

* Adobe Flash Player versions 11.2.202.356 and prior for Linux.

* Adobe AIR SDK and SDK & Compiler versions 13.0.0.83 and prior.

Solution:

Update to a fixed version.

Resources:

APSB14-14:
http://helpx.adobe.com/security/products/flash-player/apsb14-14.html

secunia:
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 24 اردیبهشت 1393

امتیاز

امتیاز شما
تعداد امتیازها:0