منذ /03-21-2010, 12:58 PM
|
#1 (permalink)
|
|[ عضـٍـٍـٍو مبـٍـٍـٍـٍدع]|
|
رقم
المستوى :
16402 |
|
تاريخ
التسجيل :
Dec 2009 |
|
المشآركآت
:
653 |
|
Flash Player might allow
|
ate: January 03, 2010
Bug(s): [عزيزي الزائر يتوجب عليك التسجيل لمشاهدة الرابط للتسجيل اضغط هنا]
ID: 201001-02
Synopsis
Multiple vulnerabilities in Adoberemote attackers
to execute arbitrary code or cause a Denial of Service.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive ***sites.
Affected Packages
Package: www-plugins/adobe-flash
Vulnerable: < 10.0.42.34
Unaffected: >= 10.0.42.34
Architectures: All supported architectures
De******ion
Multiple vulnerabilities have been discovered in Adobe Flash Player:
- An anonymous researcher working with the Zero Day
Initiative reported that Adobe Flash Player does not properly process
JPEG files (CVE-2009-3794).
- Jim Cheng of EffectiveUI reported
an unspecified data injection vulnerability (CVE-2009-3796).
- Bing Liu of Fortinet's FortiGuard Labs reported multiple
unspecified memory corruption vulnerabilities (CVE-2009-3797,
CVE-2009-3798).
- Damian Put reported an integer overflow in the
Verifier::parseExceptionHandlers() function (CVE-2009-3799).
- Will Dormann of CERT reported multiple unspecified Denial of
Service vulnerabilities (CVE-2009-3800).
Impact
A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in the remote execution of arbitrary code with
the privileges of the user running the application, or a Denial of
Service via unknown vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
|
|
|
|
|
آلاهدآئـــآت
المواضيع المتشابهه
العرض العادي
