Skip Ribbon Commands
Skip to main content
Mauritian National Computer Security Incident Response Team (CERT-MU)

VN-2017-96


Adobe Flash Player Bugs Let Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code
Severity Rating: High
Systems Affected:
  • Adobe Flash Player versions 26.0.0.131 and before
Description
Several vulnerabilities have been identified in Adobe Flash Player and can be exploited by remote attackers to cause execution of arbitrary code to be executed on the user's system and obtain sensitive information. The vulnerabilities reported are as follows:
 
·         A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target user's system.
 
·         A remote user can create specially crafted content that, when loaded by the target user, will bypass security restrictions and obtain potentially sensitive information.
 
·         A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and obtain potentially sensitive memory address information.
 
Solution
Users are advised to apply updates.
More information about the update is available on:
 
Vendor Information
Adobe
 
CVE Information
 
References
Security Tracker
 
Adobe Security Bulletin
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis