Multiple memory corruption vulnerabilities in Adobe Flash Player could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
An unauthenticated, remote attacker could exploit this vulnerability by convincing a targeted user to view a website that contains malicious Flash content. Processing the malicious content could trigger memory errors that the attacker could use to execute arbitrary code on the vulnerable system with the privileges of the targeted user.
Users are advised not to open email messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in email messages are safe, they are advised not to open them.
Adobe has released a security bulletin at the following link: APSB13-28
Red Hat has released an official CVE statement and a security advisory for bug 1040185 at the following links: CVE-2013-5331 and RHSA-2013:1818
Adobe has released updated software available at the following links:
Red Hat has released updated software for registered subscribers at the following link: Red Hat Network. Red Hat packages can be updated on Red Hat Enterprise Linux versions 5 and later using the yum tool.