Status Tracking Note TRTA07-355A

Adobe Updates for Multiple Vulnerabilities

Overview

Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.
Event Information


Date (UTC)Description
2007-12-21 15:29 US-CERT
TA07-355A: Adobe Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2007-12-19 08:09 US-CERT
Adobe Flash Player Vulnerabilities
Adobe has released updates described in the Adobe Security bulletin to address multiple vulnerabilities in Flash Player. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, and cross-site scripting. The Adobe Security bulletin states that all platforms running a vulnerable version of Flash Player are affected.
2007-12-19 07:44 SANS Internet Storm Center
Adobe Flash Player and GoLive security updates
Adobe has released updates which fix several critical vulnerabilities in Flash Player and GoLive.
2007-12-19
Adobe Flash Player ActiveX Control Universal Cross-Site Scripting Vulnerability
Cross Domain Scripting Vulnerability Proof Of Concept (CVE-2007-6244)
#Cid: 26960.as
2007-12-18 Adobe
APSB07-20: Flash Player update available to address security vulnerabilities
Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system.


Date first published (UTC): 2007-12-24T22:46+00:00
Date last updated (UTC): 2008-01-05T09:07+00:00