A commercial exploit kit called Fiesta may be vulnerable to new attacks using a Flash vulnerability. The vulnerability is being tracked as CVE-2014-0569 in the Common Vulnerabilities and Exposures database. The exploit was privately reported to Adobe through Hewlett-Packard’s Zero Day Initiative (ZDI) program, meaning its details should not be public. The creators of exploit kits like Fiesta typically reuse proof-of-concept exploits published online or included in legitimate penetration testing tools like Metasploit.”]