Adobe fixed eight vulnerabilities across three products, including two critical memory corruption bugs and a critical XML parsing flaw, with its regularly scheduled update on Tuesday.
RoboHelp for Windows, ColdFusion, and as usual, Flash Player, all received updates as part of the company’s Patch Tuesday security bulletins.
Versions 22.214.171.124 and earlier of Flash Player are affected by the memory corruption vulnerabilities (CVE-2017-11281, CVE-2017-11282). Adobe warned the bugs, discovered by Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, could lead to code execution if exploited.
To read the original article : https://threatpost.com/adobe-fixes-eight-vulnerabilities-in-flash-robohelp-flash-player/127944/