Adobe Flash Player and AIR Image Processing Use After Free Remote Code Execution Vulnerability

Adobe Flash Player and AIR is prone to a remote code-execution vulnerability due to a use-after-free condition.

An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

Successful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

NOTE: This issue was previously covered in BID 40759 (Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus