iSEC applied targeted fuzzing to the ActionScript 2 virtual machine used by the Adobe Flash player, and identified several issues which could lead to denial of service, information disclosure or code execution when parsing a malicious SWF file. Adobe Flash Player versions 9.0.124.0 and below, AIR 1.1, Flash CS3/CS4 Professional, and Flex 3 are all affected.
8e6606f27424c5ca99f203f2867baed82d3d8dfb7c7883135b0107b1d88d1740