Flash Player < 12.0.0.43 Multiple Vulnerabilities (APSB14-02)

High

Synopsis

The remote host contains a browser plug-in that is affected by multiple vulnerabilities. Its version number was inferred using traffic generated by online advertisements.

Description

Versions of Flash earlier than 12.0.0 are potentially affected by the following vulnerabilities:

- An unspecified vulnerability exists that can be used to bypass Flash Player security protections. (CVE-2014-0491)

- An unspecified vulnerability exists that can be used to bypass memory address layout randomization. (CVE-2014-0492)

Solution

Upgrade to Flash Player 12.0.0.43 or later.