More reasons why Flash, while cool looking, is troublesome. From the folks at Secunia:
Description:
Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions or compromise a user’s system.
1) Various unspecified input validation errors may allow arbitrary code execution when e.g. visiting a malicious website.
2) An unspecified error can be exploited to bypass the “allowScriptAccess” option.
3) Unspecified errors exist in the way the ActiveX control is invoked by Microsoft Office products on Windows.
Solution:
Update to version 9.0.16.0 or another fixed version (see the vendor advisory for details).
[tags]Adobe, Flash Player, Vulnerability, Remote Exploit, Secunia[/tags]
