Adobe Flash ActionScript 3 opaqueBackground Use-After-Free Vulnerability

Original release date: July 11, 2015

Adobe Flash Player contains a critical vulnerability within the ActionScript 3 opaqueBackground class, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Versions affected include Adobe Flash Player 9 through 18.0.0.204.

Users and administrators are encouraged to review Adobe Security Advisory (CVE-2015-5122) and Vulnerability Note VU#338736 for workaround information.

No patch is currently available.


This product is provided subject to this Notification and this Privacy & Use policy.




from US-CERT: The United States Computer Emergency Readiness Team http://ift.tt/1M2ISmG