Adobe releases patch for exploited Flash vulnerability
Adobe has published a Security Bulletin for the Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-3113). The new Security Bulletin, APSB15-14, identifies a heap buffer overflow vulnerability which affects various versions of Adobe Flash Player across multiple platforms. Exploitation of this critical vulnerability could allow an attacker to remotely execute arbitrary code. Adobe has acknowledged reports of this vulnerability being exploited in the wild in limited targeted attacks.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 184.108.40.206 and earlier versions for Windows and Mac OS X
- Adobe Flash Player Extended Support Release version 220.127.116.112 and earlier 13.x versions for Windows and Mac OS X
- Adobe Flash Player 18.104.22.1686 and earlier 11.x versions for Linux