Security Advisory
- Adobe Flash Player Multiple Vulnerabilities Reported Date: 09-07-09
Rated Level: 
Impact: System Access
Affected Software: Adobe AIR 1.x
Adobe Flash CS3
Adobe Flash CS4
Adobe Flash Player 10.x
Adobe Flash Player 9.x
Adobe Flex 3.x
Adobe Flash CS3
Adobe Flash CS4
Adobe Flash Player 10.x
Adobe Flash Player 9.x
Adobe Flex 3.x
Description: Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system.
1) An error when processing multiple references to an unspecified object can be exploited to dereference freed memory via a specially crafted SWF file.
Successful exploitation allows execution of arbitrary code.
2) An input validation error in the processing of SWF files can be exploited to cause a crash and potentially execute arbitrary code.
3) An error when displaying the mouse pointer on Windows can be exploited to potentially conduct "Clickjacking" attacks.
4) An error in the Linux Flash Player binary can be exploited to disclose sensitive information and potentially gain escalated privileges.
1) An error when processing multiple references to an unspecified object can be exploited to dereference freed memory via a specially crafted SWF file.
Successful exploitation allows execution of arbitrary code.
2) An input validation error in the processing of SWF files can be exploited to cause a crash and potentially execute arbitrary code.
3) An error when displaying the mouse pointer on Windows can be exploited to potentially conduct "Clickjacking" attacks.
4) An error in the Linux Flash Player binary can be exploited to disclose sensitive information and potentially gain escalated privileges.
Note: 1) Javier Vicente Vallejo, reported via iDefense
2) The vendor credits Roee Hay from IBM Rational Application Security.
3) The vendor credits Eduardo Vela.
4) The vendor credits Josh Bressers of Red Hat and Tavis Ormandy of the Google Security Team.
2) The vendor credits Roee Hay from IBM Rational Application Security.
3) The vendor credits Eduardo Vela.
4) The vendor credits Josh Bressers of Red Hat and Tavis Ormandy of the Google Security Team.
Solution:
Apply vendor updates.
Flash Player 9.x:
Update to version 9.0.159.0.
http://www.adobe.com/go/kb406791
Flash Player 10.0.12.36 and prior:
Update to version 10.0.22.87.
http://www.adobe.com/go/getflash
Flash Player 10.0.12.36 and prior (network distribution):
Update to version 10.0.22.87.
http://www.adobe.com/licensing/distribution
Flash Player 10.0.15.3 and prior for Linux:
Update to version 10.0.22.87.
http://www.adobe.com/go/getflash
AIR 1.5:
Update to version 1.5.1.
http://get.adobe.com/air
Flash CS4 Professional:
Update to version 10.0.22.87.
http://www.adobe.com/support/flashplayer/downloads.html#fp10
Flash CS3 Professional:
Update to version 9.0.159.0.
http://www.adobe.com/support/flashplayer/downloads.html#fp9
Flex 3:
Update to version 10.0.22.87.
http://www.adobe.com/support/flashplayer/downloads.html#fp9
Flash Player 9.x:
Update to version 9.0.159.0.
http://www.adobe.com/go/kb406791
Flash Player 10.0.12.36 and prior:
Update to version 10.0.22.87.
http://www.adobe.com/go/getflash
Flash Player 10.0.12.36 and prior (network distribution):
Update to version 10.0.22.87.
http://www.adobe.com/licensing/distribution
Flash Player 10.0.15.3 and prior for Linux:
Update to version 10.0.22.87.
http://www.adobe.com/go/getflash
AIR 1.5:
Update to version 1.5.1.
http://get.adobe.com/air
Flash CS4 Professional:
Update to version 10.0.22.87.
http://www.adobe.com/support/flashplayer/downloads.html#fp10
Flash CS3 Professional:
Update to version 9.0.159.0.
http://www.adobe.com/support/flashplayer/downloads.html#fp9
Flex 3:
Update to version 10.0.22.87.
http://www.adobe.com/support/flashplayer/downloads.html#fp9
Original Advisory: Adobe:
http://www.adobe.com/support/security/bulletins/apsb09-01.html
iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773
http://www.adobe.com/support/security/bulletins/apsb09-01.html
iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773
References: http://secunia.com/advisories/cve_reference/CVE-2009-0519/
http://secunia.com/advisories/cve_reference/CVE-2009-0520/
http://secunia.com/advisories/cve_reference/CVE-2009-0521/
http://secunia.com/advisories/cve_reference/CVE-2009-0522/
http://secunia.com/advisories/cve_reference/CVE-2009-0520/
http://secunia.com/advisories/cve_reference/CVE-2009-0521/
http://secunia.com/advisories/cve_reference/CVE-2009-0522/
Feedback: If you have additional information or corrections for this security advisory please contact us at advisory(at)triviasecurity.org
- Ubuntu 9.10 PAM MOTD file tampering (privilege escalation) (11/07/10)
- Pligg CMS v1.0.4 Installation File XSS Vulnerability (11/07/10)
- Cpanel 11.25 - [CSRF] Add FTP Account (05/07/10)
- Sun Java Web Server version 7.0 update 7 remote stack overflow exploit (05/07/10)
- Ziggurat Farsi CMS SQL Injection Vulnerability (05/07/10)
- SasCam WebCam Server version 2.6.5 active-x SEH overwrite exploit (05/07/10)
- ISC DHCPd DOS proof of concept exploit (05/07/10)
- Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities (05/07/10)
- Joomla (com_seyret) - LFI Vulnerability (05/07/10)
- Joomla Eventcal component v1.6.4 Remote blind SQL injection vulnerability (05/07/10)
- Copyright © 2003-2010 TriviaSecurity Team