Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player prior to 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and prior to 10.3.186.7 on Android, allows malicious users to execute arbitrary code or cause a denial of service via unspecified vectors.
Adobe pushed an emergency update to its ubiquitous Flash player yesterday that closed holes on 6 separate vulnerabilities. Of the 6, 4 were related directly to code execution (CVE-2011-2426, CVE-2011-2427, CVE-2011- 2428, CVE-2011-2430) One revolves around a universal cross-site scripting issue (CVE-2011-2444), and the last vulnerability can lead to information disclosure (CVE-2011-2429). We recommend that you update all systems immediately. Adobe also states that CVE-2011-2444 relating to cross...