Release date:
Updated on:
Affected Systems:
Adobe Flash Player 11.9.900.170
Adobe AIR <= 3.9.0.1380
Description:
--------------------------------------------------------------------------------
Bugtraq id: 64810
CVE (CAN) ID: CVE-2014-0492
Adobe Flash Player is an integrated multimedia Player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.
Adobe Flash Player 11.9.900.170, Adobe AIR 3.9.0.1380, and earlier versions have security vulnerabilities. Malicious users exploit this vulnerability to obtain memory information.
<* Source: Masato Kinugawa
Link: http://secunia.com/advisories/56267/
Http://helpx.adobe.com/security/products/flash-player/apsb14-02.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (APSB14-02) and patches for this:
APSB14-02: Security updates available for Adobe Flash Player
Link: http://helpx.adobe.com/security/products/flash-player/apsb14-02.html