TITLE:
Adobe Flash Player Multiple Unspecified Vulnerabilities
SECUNIA ADVISORY ID:
SA21865
VERIFY ADVISORY:
http://secunia.c
om/advisories/21865/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, System access
WHERE:
From remote
SOFTWARE:
Macromedia Flash 8.x
http://secunia.com/p
roduct/7024/
Macromedia Flash MX 2004
http://secunia.com/p
roduct/3192/
Macromedia Flash MX Professional 2004
http://secunia.com/p
roduct/3191/
Macromedia Flash Player 7.x
http://secunia.com/p
roduct/2634/
Macromedia Flash Player 8.x
http://secunia.com/p
roduct/6153/
Macromedia Flex 1.x
http://secunia.com/p
roduct/5246/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash
Player,
which can be exploited by malicious people to bypass certain
security
restrictions or compromise a user's system.
1) Various unspecified input validation errors may allow
arbitrary
code execution when e.g. visiting a malicious website.
2) An unspecified error can be exploited to bypass the
"allowScriptAccess" option.
3) Unspecified errors exist in the way the ActiveX control
is
invoked
by Microsoft Office products on Windows.
SOLUTION:
Update to version 9.0.16.0 or another fixed version (see the
vendor
advisory for details).
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/ap
sb06-11.html
OTHER REFERENCES:
Microsoft:
http://www.microsoft.com/technet/security/advisory
/925143.mspx
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|