Heap-based buffer overflow in Adobe Flash Player prior to 18.0.0.268 and 19.x and 20.x prior to 20.0.0.228 on Windows and OS X and prior to 11.2.202.554 on Linux, Adobe AIR prior to 20.0.0.204, Adobe AIR SDK prior to 20.0.0.204, and Adobe AIR SDK & Compiler prior to 20.0.0.204 allows malicious users to execute arbitrary code via an MP3 file with COMM tags that are mishandled during memory allocation, a different vulnerability than CVE-2015-8438.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
||
adobe flash_player 19.0.0.226 |
||
adobe flash_player 19.0.0.207 |
||
adobe flash_player 19.0.0.245 |
||
adobe flash_player 19.0.0.185 |
||
adobe air |
||
adobe air_sdk_\\&_compiler |
||
adobe air_sdk |
There is no honour among content thieves
Scores of Game of Thrones pirates may have had computers encrypted by ransomware after malvertisers served the dangerous malware through the Pirate Bay during the mega-series' season six première last weekend. MalwareBytes researcher Jerome Segura says the hard-working Magnitude exploit kit authors were able to target pirates after they bought advertising space on the infamous Bittorrent website targeting users with pop-under ads. Magnitude is a hugely successful crimeware offering that allows ...