Adobe Flash Player Cross Site Scripting and Other Vulnerabilities

Last Update Date: 16 Feb 2012 10:21 Release Date: 16 Feb 2012 4511 Views

RISK: High Risk

High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in Adobe Flash Player, which can be exploited to cause a crash and potentially allow an attacker to take control of the affected system.

 

This update also resolves cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. It is reported that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only).

Impact

  • Cross-Site Scripting
  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Indeo Codec Insecure Library Loading Vulnerability

15 Feb 2012 4278 Views

Next

Google Chrome Multiple Vulnerabilities

17 Feb 2012 4694 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY