A vulnerability in Macromedia Flash Player, which can allow a remote intruder to run arbitrary code in the context of the currently- logged iI-on user. The vulnerability is the result of a failure to enforce array boundaries, which allows an intruder to run arbitrary code by creating a specifically crafted Flash file. The vulnerability affects Flash Player 7.0.19.0 and earlier versions. For more details about the vulnerability, visit eEye's advisory.

Macromedia has released an updated version of Flash Player that corrects this problem. To obtain the update and get Macromedia's perspective on this vulnerability, visit their Web.