Double free vulnerability in Adobe Flash Player prior to 11.7.700.269 and 11.8.x up to and including 12.0.x prior to 12.0.0.70 on Windows and Mac OS X and prior to 11.2.202.341 on Linux, Adobe AIR prior to 4.0.0.1628 on Android, Adobe AIR SDK prior to 4.0.0.1628, and Adobe AIR SDK & Compiler prior to 4.0.0.1628 allows remote malicious users to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
||
adobe adobe air sdk |
||
adobe adobe air |
Miscreants attack fresh hole ... Windows, Mac, Linux peeps at risk
Adobe has released an update to address critical flaws in its Flash Player software, one of which is being actively targeted in the wild. The company said that the Windows and Mac OS X builds of Flash Player 12.0.0.44 and earlier, and Flash Player 11.2.202.336 and earlier for Linux, must be upgraded to fix a trio of bugs. Adobe said today's update will "resolve a stack overflow vulnerability that could result in arbitrary code execution (CVE-2014-0498)", fix "a memory leak vulnerability that cou...