If exploited successfully, both vulnerabilities can lead to arbitrary code execution allowing attackers to take control of the affected systems. A memory corruption flaw tracked as CVE-2013-5332 was also fixed. That CVE (Common Vulnerabilities and Exposures) ID refers to a type confusion vulnerability fixed in the new version of Flash Player. 'Adobe is aware of reports that an exploit designed to trick the user into opening a Microsoft Word document with malicious Flash (.swf) content exists for CVE-2013-5331,' the company said in a security advisory. Adobe patched several vulnerabilities in its Flash Player and Shockwave Player on Tuesday, including one for which an exploit is already available.