Zscaler, working with Adobe through the MAPPs program has proactively deployed protections for the following three vulnerabilities included in the February 20, 2014 security bulletin (APSB14-07). Zscaler will continue to monitor exploits associated with these vulnerabilities and release and deploy additional protections as necessary.
APSB14-07 – Security updates available for Adobe Flash Player Severity: Critical Affected Software
CVE-2014-0498 – Adobe Flash Player Stack Buffer Overflow Vulnerability CVE-2014-0499 – Adobe Flash Player Out-of-Bound Vulnerability CVE-2014-0502 – Adobe Flash Player and AIR Remote Code Execution Vulnerability
Description: These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.