KLA11085
Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player versions earlier than 26.0.0.151. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Security bypass vulnerability related to performing URL redirect can be exploited remotely to obtain sensitive information;
2. Type confusion vulnerability which occurs while parsing SWF files can be exploited remotely to execute arbitrary code.

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Adobe Flash Player versions earlier than 26.0.0.151

Update to the latest versions
Download Adobe Flash Player

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/42480

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.