Flash Player <= 11.7.700.260 / 12.0.0.43 (inferred) Remote Code Execution (APSB14-04)

High

Synopsis

The remote host contains a browser plug-in that may be vulnerable to remote code execution.

Description

Versions of Flash earlier than 11.7.700.260 / 12.0.0.43 are vulnerable to remote code execution, though no further details have been released by the vendor. (CVE-2014-0491)

Exploits against this vulnerability are known to be used in the wild.

Solution

Upgrade to Flash Player 11.7.700.261 / 12.0.0.44 or later.