Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information
Adobe Flash Player 10.x, Adobe Flash Player 11.x
Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially information.
A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error in Matrix3D and execute arbitrary code on the target system [CVE-2012-0768]. The code will run with the privileges of the target user.
A remote user can create Flash content that, when loaded by the target user, will execute arbitrary code on the target user's system or obtain potentially sensitive information.
The vendor has issued a fix (220.127.116.11, 18.104.22.168, 22.214.171.124).