‫ Adobe Flash Player / AIR Multiple Vulnerabilities

ID: IRCAD2014023161
Release Date: 2014-02-21
Criticality level: Highly critical

Adobe AIR 4.x

Adobe Flash Player 11.x

Adobe Flash Player 12.x


Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.

1) An unspecified error can be exploited to cause a stack-based buffer overflow.

2) An unspecified error can be exploited to disclose certain memory contents.

3) A double free error can be exploited to cause memory corruption.

Successful exploitation of vulnerabilities #1 and #3 may allow execution of arbitrary code.

Note: Reportedly, the vulnerability #3 is actively exploited in the wild.

The vulnerabilities are reported in the following versions and products:

* Adobe Flash Player for Windows and Macintosh versions and prior.

* Adobe Flash Player for Linux versions and prior.

* Adobe AIR, AIR SDK, and AIR SDK & Compiler versions and prior.


Update to a fixed version.



بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 6 اسفند 1392


امتیاز شما
تعداد امتیازها:0