From ZDNet UK:
IT professionals have been warned to patch vulnerabilities in the Adobe Flash Player application and Sun Java Runtime Environment as soon as possible.
The vulnerabilities mean that employees can get “hacked just by viewing a web page that contains malicious Flash or Java content”, warned antivirus company F-Secure in its blog.
Both Adobe and Sun issued patches for the vulnerabilities in updates last week. The Adobe update addresses an input validation error in Flash Player version 9.0.45.0 and earlier versions that could lead to the potential execution of arbitrary code.
The Sun update links to a patch for a buffer overflow vulnerability in the image-parsing code in the Java Runtime Environment that may allow an untrusted applet or application to elevate its privileges.
The flaw in the Java Runtime Environment could be particularly serious if left unpatched, according to Chris Gatford, a security professional from penetration-testing firm Pure Hacking.
Flash Player PoC Exploit.
[tags]Adobe Vulnerabilities, Java Vulnerabilities[/tags]