You are here

U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

March 6, 2012 - 7:00am

Addthis

PROBLEM:

Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

PLATFORM:

Adobe Flash Player 10.x, Adobe Flash Player 11.x

ABSTRACT:

Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially information.

referenceĀ  LINKS:

Secunia Advisory SA48281
CVE-2012-0769

IMPACT ASSESSMENT:

High

Discussion:

A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error in Matrix3D and execute arbitrary code on the target system [CVE-2012-0768]. The code will run with the privileges of the target user.

Impact:

A remote user can create Flash content that, when loaded by the target user, will execute arbitrary code on the target user's system or obtain potentially sensitive information.

Solution:

The vendor has issued a fix (11.1.102.63, 11.1.111.7, 11.1.115.7).

Addthis