|Number of vulnerabilities||1|
|Public exploit||This vulnerability is being exploited in the wild.|
Adobe Flash Player
Client/Desktop applications / Plugins for browsers, ActiveX components
Adobe Flash Player for Linux
Client/Desktop applications / Multimedia software
This security bulletin contains one critical risk vulnerability.
Exploit availability: YesDescription
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to use-after-free error when handling .swf files. A remote attacker can trick the victim to visit a website or open a file with malicious Flash file and execute arbitrary code on the target system with privileges of the current user.
Note: this vulnerability was being actively exploited in the wild.Mitigation
Update the affected packages.
Adobe Flash Player: 126.96.36.199 - 188.8.131.52
Adobe Flash Player for Linux: 184.108.40.206 - 220.127.116.113
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?