A use-after-free vulnerability exists in Adobe Flash Player prior to 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux desktop 6.0 |
Emergency patch lands, shuts pair of remote exploitable holes, one used by Norks
Adobe has issued an emergency security patch for two bugs in its Flash player – after North Korea's hackers were spotted exploiting one of the flaws to spy on people investigating the creepy hermit nation. At the start of the month, South Korea's Computer Emergency Response Team put the world on alert after it found miscreants abusing Flash to take control of and surveil Windows PCs in its country via Office documents carrying embedded malicious SWF files. Subsequent analysis showed the hackin...