On May 27, 2008, Symantec moved to Threatcon 2 based on information that a new and unpatched vulnerability in Adobe's Flash player was being exploited in the wild. Based on analysis of the sites provided by Symantec and exploit sites gathered from internal data, it is clear that an older vulnerability is currently being exploited. The vulnerability in question was found by Mark Dowd of ISS in a paper in which he describes a novel technique for exploiting null pointer dereference bugs. Trackback URL