Skip navigation

Macromedia Flash Subject to Arbitrary Code Execution

A vulnerability in Macromedia Flash Player, which can allow a remote intruder to run arbitrary code in the context of the currently- logged iI-on user. The vulnerability is the result of a failure to enforce array boundaries, which allows an intruder to run arbitrary code by creating a specifically crafted Flash file. The vulnerability affects Flash Player and earlier versions. For more details about the vulnerability, visit eEye's advisory.

Macromedia has released an updated version of Flash Player that corrects this problem. To obtain the update and get Macromedia's perspective on this vulnerability, visit their Web.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.