Adobe Flash Player contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
Adobe Flash Player versions 10.1.102.64 and prior
Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
The vulnerability exists because of an unspecified error when processing Adobe Flash content. An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to view malicious Flash content, likely by means of a malicious website. If successful, the attacker could execute arbitrary code with the privileges of the user on the targeted system.
To exploit the vulnerability, an attacker must persuade a user to visit a malicious website that hosts crafted Flash content, or provide a crafted .swf file to the user. The attacker would likely use social engineering techniques, such as using e-mail attachments, instant messaging, or other forms of communication, to achieve this objective.
An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code on a targeted system.
Adobe has released updates via automatic mechanisms or at the following links: