Adobe AIR 18.0.0.199 Execute Arbitrary Code Vulnerabilities
26 Aug. 2015
Summary
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code
Credit:
The information has been provided by Natalie Silvanovich of Google Project Zero.
Vulnerable Systems:
* Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199
Adobe Flash Player and AIR are prone to multiple remote code-execution vulnerabilities because of a use-after-free error. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition.