Intrusion Prevention

Adobe.Flash.Player.DefineButton2.Memory.Corruption

Description

This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player.
This vulnerability is due to an error when the vulnerable software handles a malformed Flash file. An attacker may exploit this to execute arbitrary code.

Affected Products

Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris
Adobe Flash Player 10.1.95.1 for Android
Adobe AIR 2.0.4 and earlier versions for Windows, Macintosh, Linux and Android

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.adobe.com/support/security/advisories/apsa10-26.html

CVE References

CVE-2010-3643