Adobe Flash Player Font Parsing Code Execution Vulnerability - (Windows) Network Vulnerability

Summary

This host is installed with Adobe Flash Player and is prone to unspecified code execution vulnerability.

Impact

Successful exploitation will let attackers to execute arbitrary code or cause the application to crash and take control of the affected system. Impact Level: System/Application

Solution

Upgrade to Adobe Flash Player version 11.3.300.271 or later, For details refer, http://www.adobe.com/downloads/

Insight

An unspecified error occurs when handling SWF content in a word document. This may allow a context-dependent attacker to execute arbitrary code.

Affected

Adobe Flash Player version prior to 11.3.300.271 on Windows

References

http://osvdb.org/show/osvdb/84607
http://secunia.com/advisories/50285/
http://www.adobe.com/support/security/bulletins/apsb12-18.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1535

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)

Take action and discover your vulnerabilities