Adobe Systems today released a security bulletin addressing vulnerabilities in Flash Player, Flex and ColdFusion. As mentioned in the bulletin, the present version of Adobe Flash Player was vulnerable and could potentially allow attackers to take control of the affected system.
A security advisory released by the company states, “Adobe is aware of a report that an exploit for CVE-2015-3043 exists in the wild and recommends users update their product installations to the latest versions.”
The company recommends that users update their product installations to the latest versions of the software:

| Product Installed | Suggested Update |
| --- | --- |
| Adobe Flash Player desktop runtime (Win & Mac) | Adobe Flash Player 17.0.0.169 |
| Adobe Flash Player Extended Support Release | Adobe Flash Player 13.0.0.281 |
| Adobe Flash Player for Linux | Adobe Flash Player 11.2.202.457 |

The company further added in the report that Adobe Flash Player installed with Internet Explorer and Google Chrome will automatically update to version 17.0.0.169 when available.
The latest security report also added hotfixes for ColdFusion versions 11 and 10, addressing an input validation issue exploited by attackers in a cross-site scripting attack. The company suggests that ColdFusion users update their installations and apply the security configuration settings, using password authentication and configuring sandbox security.
The next important vulnerability was identified in the JavaScript output of the ASDoc tool in Adobe Flex 4.6 and earlier versions, and could lead to cross-site scripting. Users can remediate this vulnerability by downloading the index.html file and modifying the existing index.html file.
These vulnerabilities may lead to a reflected cross-site scripting attack and can also allow attackers to take control of your system. Users and administrators are encouraged to review the Adobe Security Bulletin and patch these vulnerabilities.