KLA11223
Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

1. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code;
2. Out-of-bounds reading vulnerabilities can be exploited remotely to obtain sensitive information;
3. Out-of-bounds writing vulnerabilities can be exploited remotely to execute arbitrary code;
4. Heap overflow vulnerability can be exploited remotely to obtain sensitive information.

Technical details

To update Adobe Flash Player ActiveX (detected as Flash.ocx) on Windows 8 and higher, install latest updates from Control Panel

Adobe Flash Player earlier than 29.0.0.140

Update to the latest version
Download Adobe Flash Player

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/44528

https://www.exploit-db.com/exploits/44527

https://www.exploit-db.com/exploits/44526

https://www.exploit-db.com/exploits/44529