The host is installed with Adobe Flash Player before 10.3.183.20 or 11.x before 11.3.300.257 or Adobe AIR before 3.3.0.3610 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which fail to handle trojan horse executable file in an unspecified directory. Successful exploitation allows local users to gain privileges.