Status Tracking Note JVNTR-2010-25

Adobe Flash Vulnerabilities (CVE-2010-2884, TA10-263A)

Overview

According to Adobe Security Bulletin APSB10-22 there are vulnerabilities in Adobe Flash. These vulnerabilities affect Flash Player, Reader, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.
Event Information


Date (UTC)Description
2010-09-21 01:20 JPCERT/CC
JPCERT-AT-2010-0024: Vulnerability in Adobe Flash Player
Public notification for "Security Update (APSB10-22) ".
2010-09-20 20:14 US-CERT
TA10-263A: Adobe Flash Vulnerabilities
Technical Cyber Security Alert publised via US-CERT Mailing List.
Public notification for "Security Advisory (APSB10-22) ".
2010-09-20 19:15 US-CERT
Adobe Releases Security Advisory for Flash Player
US-CERT Current Activity
Public notification for "Security Advisory (APSB10-22) ".
2010-09-20 18:19 Adobe
APSB10-22: Security update available for Adobe Flash Playe
Security Update (APSA10-03) released.: Flash Player 10.1.85.3/9.0.283, Flash Player 10.1.95.1 for Android
2010-09-17 21:41 Adobe
Schedule Update to Security Advisory for Adobe Flash Player (APSA 10-03)
Adobe Product Security Incident Response Team (PSIRT)
Advance notification for Security Update (2010/09/20).
2010-09-16 05:42 Trend Micro
TROJ_SWIF.HEI
We've found new malware that also leverages on this vulnerability, and it is now detected as TROJ_SWIF.HEI.
2010-09-14 23:45 Trend Micro
New Adobe Flash Critical Vulnerability Exploited in the Wild
TrendLabs | Malware Blog - by Trend Micro
This vulnerability is being actively exploited in the wild.
2010-09-14 14:35 US-CERT
Adobe Releases Security Advisory for Flash Player
US-CERT Current Activity
Public notification for "Security Advisory (APSA10-03) ".
2010-09-14 00:59 SANS Internet Storm Center
Adobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
This vulnerability is being actively exploited in the wild.
2010-09-14 Trend Micro
TROJ_SWIF.HEL
2010-09-13 22:10 Adobe
APSA10-03: Security Advisory for Flash Player
Security Advisory (APSA10-03) published.
2010-09-13 22:10 Adobe
Security Advisory for Adobe Flash Player (APSA10-03)
Adobe Product Security Incident Response Team (PSIRT)
This vulnerability is being actively exploited in the wild against Flash Player on Windows.

Reference

Date first published (UTC): 2010-09-21T23:02+00:00
Date last updated (UTC): 2010-09-21T23:02+00:00
Valid HTML 4.01!