13 Code Execution Vulnerabilities patched in flash player by Adobe

Recently, Adobe has been patched Code Execution Vulnerabilities in flash player. Adobe informed that None of the flaws have been exploited publicly and Flash version 24.0.0.194 and earlier are vulnerable and that users should update immediately to 24.0.0.221.

Different kinds of vulnerabilities involve some sort of memory-related issues that would allow an attacker to execute code on the host system running Flash. Adobe told that it has been patched four memory-corruption and four use-after-free bugs, along with type-confusion, integer overflow and heap buffer overflow vulnerabilities.

Adobe has patched nine vulnerabilities in its ebook reader software Adobe Digital Editions. None of the flaws were rated the highest severity, though a heap buffer overflow vulnerability, CVE-2017-2973, could lead to code execution. Adobe has also patched two vulnerabilities in Adobe Campaign for Windows and Linux, its online marketing and Web analytics software.

Adobe has also patched two vulnerabilities in Adobe Campaign for Windows and Linux, its online marketing and Web analytics software. Both flaws are rated moderate severity. One could be exploited by an authenticated user to gain read and write access to the system, while the other is an input validation weakness that could expose the system to cross-site scripting attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *