Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code .
Adobe Flash Player 18.104.22.168 on Windows and Mac OS X and prior versions
Two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead were reported in Adobe Flash Player.
A remote or local user can obtain potentially sensitive information. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted SWF file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
A remote user can create Flash content that, when loaded by the target user, will execute arbitrary code on the target user's system.
No solution was available at the time of this entry.