Bug 393619 - www-plugins/adobe-flash Unspecified Code Execution Vulnerability (CVE-2011-{4693,4694})
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://secunia.com/advisories/47161/
Whiteboard: B2 [upstream?]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-08 14:19 UTC by Agostino Sarubbo
Modified: 2013-09-03 18:12 UTC

See Also:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2011-12-08 14:19:20 UTC
From the Secunia security advisory at $URL:


Description:
The vulnerability is caused due to an unspecified error. No further information is currently available.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 11.1.102.55. Other versions may also be affected.


Solution:
There is no patch atm.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2011-12-12 23:50:56 UTC
CVE-2011-4694 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4694):
  Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and
  Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF
  file, as demonstrated by the second of two vulnerabilities exploited by the
  Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA).  NOTE: as of
  20111207, this disclosure has no actionable information. However, because
  the module author is a reliable researcher, the issue is being assigned a
  CVE identifier for tracking purposes.

CVE-2011-4693 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4693):
  Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and
  Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF
  file, as demonstrated by the first of two vulnerabilities exploited by the
  Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA).  NOTE: as of
  20111207, this disclosure has no actionable information. However, because
  the module author is a reliable researcher, the issue is being assigned a
  CVE identifier for tracking purposes.
Comment 2 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-03 18:12:47 UTC
It's unclear whether this has been fixed. Red Hat closed this as CANTFIX due to a lack of information on what is affected. I'm inclined to agree; closing NEEDINFO.