CVE-2011-0609

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 10.2.154.13 and earlier Adobe Flash Player versions 10.1.106.16 and earlier on Android Adobe AIR version 2.5.1 and earlier Adobe Reader and Acrobat versions 9.x through 9.4.2 Adobe Reader and Acrobat versions 10.x through 10.0.1

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via crafted Flash content. It is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code. The vulnerability has been exploited in the wild, as demonstrated by a .swf file embedded in an Excel spreadsheet.

Recommendations For Adobe Flash Player versions 10.2.154.13 and earlier, update to a version later than 10.2.154.13. For Adobe Flash Player versions 10.1.106.16 and earlier on Android, update to a version later than 10.1.106.16. For Adobe AIR version 2.5.1 and earlier, update to a version later than 2.5.1. For Adobe Reader and Acrobat versions 9.x through 9.4.2, update to a version later than 9.4.2. For Adobe Reader and Acrobat versions 10.x through 10.0.1, update to a version later than 10.0.1.