icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Flash Player < 10.2.159.1 Unspecified Memory Corruption (APSB11-07)

High

Synopsis

The remote host contains a browser plugin that is affected by a memory corruption vulnerability.

Description

Versions of Flash Player earlier than 10.2.159.1 are potentially affected by a memory corruption vulnerability. By tricking a user on the affected system into opening a specially crafted document with Flash content, such as a SWF file embedded in a Microsoft Word document, and attacker can potentially leverage this issue to execute arbitrary code remotely on the system subject to the user's privileges. Note that there are reports that this issue is being exploited in the wild as of April 2011.

Solution

Upgrade to Flash Player 10.2.159.1 or later.