Welcome to PetForums

Join thousands of other pet owners and pet lovers on the UK's most popular and friendly pet community and discussion forum.

Sign Up

Adobe Flash Player and Adobe Reader Security Alert

Discussion in 'General Chat' started by testmg80, Jul 24, 2009.

  1. testmg80

    testmg80 PetForums VIP

    Jul 29, 2008
    Likes Received:
    From: US-CERT Technical Alerts <technical-alerts@us-cert.gov>

    To: technical-alerts@us-cert.gov <technical-alerts@us-cert.gov>

    Subject: US-CERT Technical Cyber Security Alert TA09-204A -- Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products

    Hash: SHA1

    National Cyber Alert System

    Technical Cyber Security Alert TA09-204A

    Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products

    Original release date: July 23, 2009
    Last revised: --
    Source: US-CERT

    Systems Affected

    * Adobe Flash Player and earlier 10.x versions
    * Adobe Flash Player and earlier 9.x versions
    * Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions


    Adobe has released Security advisory APSA09-03, which describes a
    vulnerability affecting Adobe Flash. Other Adobe applications that
    include the Flash runtime, such as Adobe Reader 9, are also

    I. Description

    Adobe Security Advisory APSA09-03 describes a vulnerability
    affecting the Adobe Flash player. Flash player version
    and earlier 10.x versions as well as Flash player version
    and earlier 9.x versions are affected.

    An attacker could exploit this vulnerability by convincing a user
    to visit a website that hosts a specially crafted SWF file. The
    Adobe Flash browser plugin is available for multiple web browsers
    and operating systems, any of which could be affected. An attacker
    could also create a PDF document that has an embedded SWF file to
    exploit the vulnerability.

    This vulnerability is being actively exploited.

    II. Impact

    This vulnerability allows a remote attacker to execute arbitrary
    code as the result of a user viewing a web page or opening a PDF

    III. Solution

    These vulnerabilities can be mitigated by disabling the Flash
    plugin or by using the NoScript extension for Mozilla Firefox or
    SeaMonkey to whitelist websites that can access the Flash plugin.
    For more information about securely configuring web browsers,
    please see the Securing Your Web Browser document. US-CERT
    Vulnerability Note VU#259425 has additional details, as well as
    information about mitigating the PDF document attack vector.

    Thanks to Department of Defense Cyber Crime Center/DCISE for
    information used in this document.

    IV. References

    * Vulnerability Note VU#259425 -

    * Security advisory for Adobe Reader, Acrobat and Flash Player -

    * Securing Your Web Browser -

    * NoScript - <https://addons.mozilla.org/addon/722>


    The most recent version of this document can be found at:


    Feedback can be directed to US-CERT Technical Staff. Please send
    email to <cert@cert.org> with "TA09-204A Feedback VU#259425" in
    the subject.

    For instructions on subscribing to or unsubscribing from this
    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

    Produced 2009 by US-CERT, a government organization.

    Terms of use:


    Revision History

    July 23, 2009: Initial release

    Version: GnuPG v1.4.5 (GNU/Linux)

    -----END PGP SIGNATURE-----
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice