Adobe on Tuesday posted a Security Bulletin alerting the public that it has identified a critical vulnerability in Adoble Flash Player 10.0.45.2 and earlier versions for Windows, Mac, Linux, and Solaris operating systems. A security flaw was also found in the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Mac, and UNIX platforms.
"This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said. "There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat."
That was one of 17 security vulnerabilities identified, the rest of which apply to Adobe Reader and Acrobat. All of these have been labeled as "critical" and run the gamut from memory corruption (could lead to code execution) to a social networking attack.