Adobe Flash Player (CVE-2010-2162) Heap Memory Corruption Remote Code Execution Vulnerability

Adobe Flash Player and AIR are prone to a remote heap-based memory-corruption vulnerability that occurs when parsing specially crafted MP4 files.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition.

NOTE: This issue was previously covered in BID 40759 (Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities) but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus