Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. An use-after-free vulnerability can be exploited remotely via specially crafted file to execute arbitrary code;
2. A DLL hijacking vulnerability can be exploited locally to gain privileges,

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, use the solution from KLA11381

Adobe Flash Player earlier than 32.0.0.101

Update to the latest version
Flash Player Download Center

APSB18-42

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/46051

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.