Multiple vulnerabilities in Adobe Flash Player

1) Null pointer dereference

The vulnerability allows a remote attacker to cause DoS conditions on the target system.

The weakness exists due to NULL pointer dereference when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and cause the application to crash.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

2) Null pointer dereference

The vulnerability allows a remote attacker to cause DoS conditions on the target system.

The weakness exists due to NULL pointer dereference when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and cause the application to crash.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

3) Null pointer dereference

The vulnerability allows a remote attacker to cause DoS conditions on the target system.

The weakness exists due to NULL pointer dereference when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and cause the application to crash.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

4) Buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

5) Heap-based buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

6) Heap-based buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

7) Type confusion

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

8) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

9) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

10) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

11) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

12) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

13) Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

14) Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

15) “Use-after-free” error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

16) Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

17) Use-after-free error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when processing .swf content. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Install update from vendor's website.

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html