Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system.
1) A boundary error during the handling of strings dynamically generated at runtime can be exploited to cause a buffer overflow via an overly long string.
Successful exploitation allows execution of arbitrary code when e.g. visiting a malicious website.
2) An unspecified error allows bypassing the "allowScriptAccess" option.
3) Using a "Shockwave Flash Object", it is possible to execute Flash files containing JavaScript embedded in Office documents automatically when the Office document is opened. |