1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Adobe Flash Player remote code execution vulnerability

Report ID: SA200900917
Source: F-Secure
Date of Discovery: 25.02.2009
Criticality: Urgent
Adobe Flash Player 10.x
Adobe Flash Player 9.x

Compromise From: From remote
Compromise Type: Remote code execution
System access


A vulnerability has been reported in Adobe Flash Player and earlier which can allow attackers to take the complete control of the affected machine.

Detailed Description

An attacker can exploit this vulnerability when a specially crafted SWF file is loaded in Flash Player by the user. This vulnerability is due to the improper handling of SWF file by Flash Player. Adobe recommends users update to the most current version of Flash Player available for their platform


-- Adobe Flash Player 9.x --
Update to version

-- Adobe Flash Player 10.x --
Update to version


Original Reference