OSVDB ID: 77029

Title: Adobe Flash Player Unspecified Remote Memory Corruption (2011-2460)

Info

Disclosure
Nov 10, 2011

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Nov 10, 2011

Description

 An unspecified memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code.

Classification

 Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

 Upgrade Flash Player to version 11.1.102.55 or higher, Flash Player for Android to 11.1.102.59 or higher, or Adobe Air to version 3.1.0.4880 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Adobe Systems Incorporated

Flash Player

 11.0.1.152

Flash Player for Android

 11.0.1.153

AIR

 3.0

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/77029