Improper Access Control
Adobe Flash Player before 220.127.116.112 and 14.x through 18.x before 18.104.22.168 on Windows and OS X and before 22.214.171.1241 on Linux, Adobe AIR before 126.96.36.199, Adobe AIR SDK before 188.8.131.52, and Adobe AIR SDK & Compiler before 184.108.40.206 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CWE-284 - Improper Access Control
Listed 5th in the 'OWASP Top Ten', improper (or broken) access control attacks are a fundamental type of vulnerability. This includes a broad range of design flaws that enable users to act outside of their intended permissions. They can use these privileges to gain access to restricted files and functionality such as accessing restricted information, falsifying records, destroying data, or executing commands.