JPCERT-AT-2010-0029
JPCERT/CC
2010-11-05
<<< JPCERT/CC Alert 2010-11-05 >>>
Vulnerabilities in Adobe Flash Player
https://www.jpcert.or.jp/at/2010/at100029.txt
I. Overview
Adobe Flash Player contains multiple vulnerabilities. As a result, a
remote attacker could execute arbitrary code by convincing a user to
open specially crafted contents. Adobe Systems has already observed
attacks exploiting some of these vulnerabilities. Users are
recommended to update to the corrected software provided by Adobe
Systems.
Adobe Security bulletin APSB10-26
Security update available for Adobe Flash Player
http://www.adobe.com/support/security/bulletins/apsb10-26.html
According to Adobe Systems, the existing vulnerability reported in
APSA10-05 is also solved in the updated Adobe Flash Player.
APSA10-05 Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
http://www.adobe.com/support/security/advisories/apsa10-05.html
Security updates for Adobe Acrobat and Reader will be released in
the week of November 15, 2010. Users are recommended to apply the
updates as soon as they are released.
II. Products Affected
Affected products are as follows:
- Adobe Flash Player 10.1.85.3 and earlier
For more information, refer to Adobe Systems' website.
III. Solution
Update Adobe Flash Player to the latest version shown below. For
more information, refer to Adobe Systems' website.
- Adobe Flash Player 10.1.102.64
Adobe Flash Player Download Center
http://get.adobe.com/jp/flashplayer/
http://get.adobe.com/flashplayer/
The Flash Player version number installed on your PC can be verified
through the following page:
Adobe Flash Player: Version Information
http://www.adobe.com/jp/software/flash/about/
http://www.adobe.com/products/flash/about/
IV. References
Adobe - Security Advisories:
Security update available for Adobe Flash Player
http://www.adobe.com/support/security/bulletins/apsb10-26.html
Adobe - Security Advisories:
Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
http://www.adobe.com/support/security/advisories/apsa10-05.html
JVNVU#298081
Vulnerability in Adobe Flash
https://jvn.jp/cert/JVNVU298081/index.html
If you have any further questions or information regarding this
alert, please contact JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top