Last Updated: 2008-05-28 23:15:20 UTC
by Adrien de Beaupre (Version: 3)
A vulnerability has been reported in Adobe Flash Player versions 22.214.171.124 and older, which is the current version available for download now. Adobe has not yet released a patch nor an official advisory. Stay tuned for further developments. Thanks to Steven and Adrien for letting us know
Update1: Symantec has observed that this issue is being actively exploited in the wild and have elevated their ThreatCon.
Update2: A SecurityFocus article is now live here.
Updated: May 28 2008 07:53PM - "...Further research indicates that this vulnerability is the same issue described in BID 28695** (Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability), so this BID is being retired
Adrien de Beaupré
Bell Canada, Professional Services