The host is installed with Adobe Flash Player before 10.2.152.33 or Adobe Air is before 2.6 and is prone to remote code execution vulnerability. A flaw is present in authplay.dll, which fails to handle crafted flash content. Successful exploitation could allow remote attackers to execute arbitrary code or obtain sensitive information or cause denial of service.