VULNERABILITIES / FIXES - May 07, 2012
by Carol~ - 5/7/12 8:23 AM
Adobe Flash Player Object Confusion Vulnerability
Release Date : 2012-05-07
Criticality level : Extremely critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch
Software: Adobe Flash Player 11.x
A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error related to object confusion. No further information is currently available.
Successful exploitation allows execution of arbitrary code.
NOTE: The vulnerability is reportedly being actively exploited in targeted attacks.
The vulnerability is reported in the following versions:
* Adobe Flash Player versions 184.108.40.206 and prior for Windows, Macintosh, and Linux.
* Adobe Flash Player versions 220.127.116.11 and prior for Android 4.x and versions 18.104.22.168 and prior for Android 3.x and 2.x.
Update to a fixed version.
Provided and/or discovered by:
Reported as a 0-day.