Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Adobe Patches 13 Vulnerabilities in Flash Player

Adobe Patches 13 Vulnerabilities in Flash Player


Adobe has released a security update for Flash Player, patching 13 vulnerabilities. These vulnerabilities expose Flash Player to remote attacks that would give a hacker access to the underlying system. The affected versions of Flash Player include:
 
·         Adobe Flash Player 17.0.0.188 and earlier versions for Windows and Macintosh
·         Adobe Flash Player Extended Support Release 13.0.0.289 and earlier 13.x versions for Windows and Macintosh
·         Adobe Flash Player 11.2.202.460 and earlier 11.x versions for Linux
·         Adobe AIR Desktop Runtime 17.0.0.172 and earlier versions for Windows and Macintosh
·         Adobe AIR SDK and SDK & Compiler 17.0.0.172 and earlier versions for Windows and Macintosh
·         Adobe AIR 17.0.0.144 and earlier versions for Android

The most severe vulnerabilities impact Flash Player for Windows (including Flash Player for Internet Explorer 10 and 11 running on Windows 8 and 8.1), Mac OS X and Linux. The majority of the bugs patched involve memory corruption issues that can be leveraged in other attacks. Those include: a memory address randomization issue of the Flash heap for Windows 7 64 bit; stack and integer overflows, and memory corruption vulnerabilities that lead to code execution; and four use-after-free vulnerabilities and a memory leak issue that lead to code execution or a bypass of Address Space Layout Randomization (ASLR).
 
Read More:
 
Source:
 
Threatpost
 
ZDNet
 
Computerworld
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis