Buffer overflow in Adobe Flash Player prior to 10.3.183.51 and 11.x prior to 11.5.502.149 on Windows and Mac OS X, prior to 10.3.183.51 and 11.x prior to 11.2.202.262 on Linux, prior to 11.1.111.32 on Android 2.x and 3.x, and prior to 11.1.115.37 on Android 4.x allows remote malicious users to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
Perhaps one of the most explosively discussed subjects of 2015 was the compromise and data dump of Hacking Team, the infamous Italian spyware company. For those who are not familiar with the subject, Hacking Team was founded in 2003 and specialized in selling spyware and surveillance tools to governments and law enforcement agencies. On July 5, 2015, a large amount of data from the company was leaked to the Internet with a hacker known as “Phineas Fisher” claiming responsibility for the brea...
This article is based on technical data from Kaspersky Lab experts and their analysis of the Korablin and Morcut malicious programs. A number of conclusions have been drawn by Kaspersky Lab experts based on open source data references in the conclusion of this publication. Any questions regarding the contents of this article can be posted on Kaspersky Lab’s securelist.com website, or you can contact Kaspersky Lab’s PR Service directly via Kaspersky.com. According to Wikipedia, “Spyware is...
Last week, Adobe released a patch for a vulnerability in Flash Player that was being exploited in targeted attacks. Before reading any further, we recommend you to take a moment make sure you apply this patch. Adobe offers this nifty tool to check that you have the latest version of Flash Player. If you are running Google Chrome, make sure you have version -24.0.1312.57 m- or later. Now back to CVE-2013-0633, the critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab r...
Critical block for active Win and Mac attacks
Updated Adobe published a critical Flash Player update on Thursday that fixes not just one but two zero-day flaws, both under active attack by hackers. Both Windows and Mac users are in the firing line. One of the vulnerabilities (CVE-2013-0633) is being harnessed in targeted attacks designed to trick marks into opening a Microsoft Word document email attachment that contains malicious Flash (SWF) content. The exploit targets the ActiveX version of Flash Player on Windows. The second vulnerabili...