Untrusted search path vulnerability in the installer in Adobe Flash Player before and 11.x before 11.3.300.257 on Windows and Mac OS X; before and 11.x before on Linux; before on Android 2.x and 3.x; and before on Android 4.x, and Adobe AIR before, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.