Summary
This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to obtain sensitive information or cause a denial of service.
Impact Level: Application/System.
Solution
Update to Adobe Air2.0.2.12610 or Adobe Flash Player 9.0.277.0 or 10.0.45.2, http://get.adobe.com/air
http://www.adobe.com/support/flashplayer/downloads.html
Insight
The flaws are due to input validation errors, memory corruptions, array indexing, use-after-free, integer and buffer overflows, and invalid pointers when processing malformed Flash content.
Affected
Adobe AIR version prior to 2.0.2.12610,
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 on windows.
References
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
- Adobe Acrobat Remote Code Execution Vulnerability(Win)
- 3S CoDeSys CmpWebServer Multiple Vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Mac OS X)