Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a large BitmapData source object.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Adobe Flash player 18.0.0.261 (not an official CPE)
Adobe Flash player 19.0.0.185 (not an official CPE)
Adobe Air 19.0.0.241 (not an official CPE)
Adobe Air sdk & compiler 19.0.0.241 (not an official CPE)
Adobe Flash player 19.0.0.226 (not an official CPE)
Adobe Flash player 19.0.0.245 (not an official CPE)
Adobe Flash player 19.0.0.207 (not an official CPE)
Adobe Air sdk 19.0.0.241 (not an official CPE)
Adobe Flash player 11.2.202.548 (not an official CPE)