Systems Affected
Adobe Flash Player Desktop Runtime versions
27.0.0.159 and earlier for Windows, Macintosh and Linux
Adobe Flash Player for Google Chrome versions 27.0.0.159 and earlier for Windows,
Macintosh, Linux and Chrome OS
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 27.0.0.159 and
earlier for Windows 10 and 8.1
Threat Level
Overview
The reported vulnerability has the ability to allow an unauthenticated, remote
attacker to execute arbitrary code on the target system.
Description
The vulnerability occurs
due to improper memory operations by the affected software which could trigger a type
confusion error condition. A remote attacker could exploit this vulnerability by
convincing a user to open or visit link that contains specially crafted Flash content.
If the remote attacker is able to successfully exploit the vulnerability it could
allow him to execute arbitrary code with the privileges of currently logged-in user or
could take full control of the affected system.
Adobe has confirmed the vulnerability in a security bulletin and released software
updates.
Impact
Solution/ Workarounds
✻ Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.
References
http://www.cert-in.org.in/ https://tools.cisco.com/security/center/viewAlert.x?alertId=55624
Disclaimer
The information provided herein is on "as is" basis, without warranty of any
kind.
|