Adobe_Flash_Player_Invalid_Object_Reference_Code_Execution_attack

A vulnerability exists in the Adobe Flash Player. The vulnerability is a result of referencing to an invalid object when parsing maliciously crafted SWF files. An attacker could exploit this vulnerability by enticing a target user to open a malicious SWF file. Successful exploitation can lead to injection and execution of arbitrary code in the security context of the currently logged in user. In an attack case where code injection is not successful, the affected application will terminate abnormally. In a more sophisticated attack scenario where code injection is successful, the behaviour of the target host is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the current user.