Status Tracking Note JVNTR-2010-25

Adobe Flash Vulnerabilities (CVE-2010-2884, TA10-263A)

According to Adobe Security Bulletin APSB10-22 there are vulnerabilities in Adobe Flash. These vulnerabilities affect Flash Player, Reader, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.

Event Information

Date (UTC)	Description
2010-09-21 01:20	JPCERT/CC JPCERT-AT-2010-0024: Vulnerability in Adobe Flash Player Public notification for "Security Update (APSB10-22) ".
2010-09-20 20:14	US-CERT TA10-263A: Adobe Flash Vulnerabilities Technical Cyber Security Alert publised via US-CERT Mailing List. Public notification for "Security Advisory (APSB10-22) ".
2010-09-20 19:15	US-CERT Adobe Releases Security Advisory for Flash Player US-CERT Current Activity Public notification for "Security Advisory (APSB10-22) ".
2010-09-20 18:19	Adobe APSB10-22: Security update available for Adobe Flash Playe Security Update (APSA10-03) released.: Flash Player 10.1.85.3/9.0.283, Flash Player 10.1.95.1 for Android
2010-09-17 21:41	Adobe Schedule Update to Security Advisory for Adobe Flash Player (APSA 10-03) Adobe Product Security Incident Response Team (PSIRT) Advance notification for Security Update (2010/09/20).
2010-09-16 05:42	Trend Micro TROJ_SWIF.HEI We've found new malware that also leverages on this vulnerability, and it is now detected as TROJ_SWIF.HEI.
2010-09-14 23:45	Trend Micro New Adobe Flash Critical Vulnerability Exploited in the Wild TrendLabs \| Malware Blog - by Trend Micro This vulnerability is being actively exploited in the wild.
2010-09-14 14:35	US-CERT Adobe Releases Security Advisory for Flash Player US-CERT Current Activity Public notification for "Security Advisory (APSA10-03) ".
2010-09-14 00:59	SANS Internet Storm Center Adobe Flash v10.1.82.76 and earlier vulnerability in-the-wild This vulnerability is being actively exploited in the wild.
2010-09-14	Trend Micro TROJ_SWIF.HEL
2010-09-13 22:10	Adobe APSA10-03: Security Advisory for Flash Player Security Advisory (APSA10-03) published.
2010-09-13 22:10	Adobe Security Advisory for Adobe Flash Player (APSA10-03) Adobe Product Security Incident Response Team (PSIRT) This vulnerability is being actively exploited in the wild against Flash Player on Windows.

Reference

CVE-2010-2884


Date first published (UTC):	2010-09-21T23:02+00:00
Date last updated (UTC):	2010-09-21T23:02+00:00