Security Advisory for Flash Player, Adobe Reader and Acrobat

Published: 2010-06-05. Last Updated: 2010-06-05 13:30:49 UTC
by Guy Bruneau (Version: 1)
7 comment(s)

Adobe has released an advisory that a critical vulnerability exists for Windows, Macintosh, Linux and Solaris in the Adobe Flash Player version 10.0.45.2 and earlier as well as in the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe has received reports indicating this vulnerability is being actively exploited in the wild against Adobe Flash Player, Adobe Reader and Acrobat. The original security bulletin and suggested mitigations by Adobe is posted here.

Affected Versions

- Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
- Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Not Vulnerable

- Flash Player 10.1 Release Candidate, can be downloaded here
- Adobe Reader and Acrobat 8.x are confirmed not vulnerable

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Keywords: Acrobat Adobe Reader Advisory Flash Player
7 comment(s)

OpenOffice.org 3.2.1 Fixes Bugs and Vulnerabilities

Published: 2010-06-05. Last Updated: 2010-06-05 01:31:39 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

OpenOffice's latest version is available for Windows, Mac OS, Linux and Solaris systems. This release fixes 5 potential vulnerabilities, adds more stability and speed but no new features. The security bulletin is posted here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Keywords: OpenOffice Fixes
0 comment(s)

Comments

Login here to join the discussion.


Diary Archives