CERT-MU AD-2009-13
Multiple Vulnerabilities in Adobe Flash player
Original issue date: 10 August, 2009
Overview
Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which could allow remote attackers to cause a denial of service conditions, bypass certain security restrictions, gain potentially sensitive information or to take complete control of an affected system.
Description
- Multiple Denial of Service or arbitrary code execution vulnerabilities
Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, caused by memory corruption, stack buffer overflow, heap buffer overflow, privilege escalation, null pointer and input validation errors. A remote attacker could exploit these vulnerabilities via specially crafted Flash content or a URL to gain escalated privileges or to trigger buffer overflow and memory corruption errors.
Successful exploitation of these vulnerabilities could allow a remote attacker to cause denial of service conditions or to execute arbitrary code in the context of the affected system.
- Unspecified Clickjacking Vulnerability
This vulnerability is caused by a clickjacking error in Adobe Flash Player and Adobe AIR. A remote attacker could exploit this vulnerability by tricking a user into selecting a specially crafted link or completing a dialog box in order to hijack the user's session. Successful exploitation of this vulnerability could allow a remote attacker to disclose sensitive information or to take complete control of an affected system and launch further attacks.
- Sandbox Bypass Information Disclosure Vulnerability
This vulnerability is caused by an error in the local sandbox of Adobe Flash Player and Adobe AIR when a SWF is saved to the hard drive. A remote attacker could exploit this vulnerability to obtain sensitive information when the target user saves a SWF file to the hard drive.
Affected Systems
- Adobe Flash Player versions prior to 9.0.246.0
- Adobe Flash Player versions prior to 10.0.32.18
- Adobe AIR versions prior to 1.5.2
Impact
Severity Rating: High
Solution
Update to Adobe Flash Player version 9.0.246.0 or 10.0.32.18
http://www.adobe.com/go/getflashplayer
Update to Adobe AIR version 1.5.2
http://get.adobe.com/air
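The fixed versions above belong to two separately patched Flash branches (9.x and 10.x), so a plain numeric comparison against the highest fixed build would wrongly flag a patched 9.0.246.0 install as "below 10.0.32.18". The following Python script is an added example, not part of this CERT-MU advisory or of any Adobe tooling; it compares an inventory of version strings against the fixed versions listed here on a per-branch basis. The host names and installed versions in the inventory are constructed sample data, and how the version string is collected from each host is left to the reader.

```python
"""Branch-aware check of Adobe Flash Player / AIR versions against the fixed
builds listed in CERT-MU AD-2009-13 (Adobe APSB09-10).

Added example, not part of the advisory or of Adobe's own tooling.
Assumptions: version strings are dotted integers exactly as the advisory
prints them (e.g. "10.0.22.87"); the inventory below is constructed sample data.
"""

from typing import Dict, List, Tuple

# Fixed versions from the advisory, keyed by major version. The 9.x and 10.x
# branches were patched separately, so each branch is compared on its own.
FLASH_FIXED: Dict[int, str] = {9: "9.0.246.0", 10: "10.0.32.18"}
AIR_FIXED: Dict[int, str] = {1: "1.5.2"}
FIXED_BY_PRODUCT = {"flash": FLASH_FIXED, "air": AIR_FIXED}

# Constructed sample inventory: (host, product, installed version).
SAMPLE_INVENTORY = [
    ("ws-01", "flash", "10.0.22.87"),  # 10.x branch, below 10.0.32.18
    ("ws-02", "flash", "9.0.246.0"),   # 9.x branch, already at the fixed build
    ("ws-03", "flash", "9.0.159.0"),   # 9.x branch, below 9.0.246.0
    ("ws-04", "air", "1.5.1"),         # AIR below 1.5.2
    ("ws-05", "air", "1.5.2"),         # AIR at the fixed build
    ("ws-06", "flash", "10.0.32.18"),  # 10.x branch at the fixed build
]


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn "9.0.246.0" into (9, 0, 246, 0). Shorter strings such as "1.5.2"
    are padded with zeros to four fields so tuple comparison is consistent."""
    parts = tuple(int(p) for p in version.strip().split("."))
    return parts + (0,) * max(0, 4 - len(parts))


def is_vulnerable(product: str, installed: str) -> bool:
    """True if the installed build is 'prior to' the fixed build for its branch.

    A branch older than any the advisory lists (e.g. Flash 8.x) is prior to the
    lowest fixed build and therefore affected; a branch newer than any listed is
    outside the scope of this advisory and reported as not affected.
    """
    fixed = FIXED_BY_PRODUCT[product.lower()]
    inst = parse_version(installed)
    major = inst[0]
    if major in fixed:
        return inst < parse_version(fixed[major])
    return major < min(fixed)


def required_version(product: str, installed: str) -> str:
    """Fixed build a host on this branch must reach (older branches move to the
    lowest fixed build the advisory lists)."""
    fixed = FIXED_BY_PRODUCT[product.lower()]
    major = parse_version(installed)[0]
    return fixed.get(major, fixed[min(fixed)])


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """Return (host, product, installed, required) for every host still affected."""
    findings = []
    for host, product, version in inventory:
        if is_vulnerable(product, version):
            findings.append((host, product, version, required_version(product, version)))
    return findings


if __name__ == "__main__":
    for host, product, installed, required in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {installed} is affected, update to {required}")
```

Note that ws-02 (Flash 9.0.246.0) is correctly reported as not affected even though it is numerically below 10.0.32.18; a single-threshold check would produce a false positive there and a false negative would be the more dangerous mistake in the opposite direction, which is why the branch lookup is keyed on the major version.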
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Vendor Information
Adobe http://www.adobe.com/support/security/bulletins/apsb09-10.html
CVE Name
CVE-2009-1863
CVE-2009-1864
CVE-2009-1865
CVE-2009-1866
CVE-2009-1867
CVE-2009-1868
CVE-2009-1869
CVE-2009-1870
References
Adobe
http://www.adobe.com/support/security/bulletins/apsb09-10.html
Secunia
http://secunia.com/advisories/35948/1/
SecurityFocus
http://www.securityfocus.com/bid/35890
http://www.securityfocus.com/bid/35900
SecurityTracker
http://www.securitytracker.com/alerts/2009/Jul/1022629.html
VUPEN Security
http://www.vupen.com/english/advisories/2009/2086