Status Tracking Note TRTA07-355A

Adobe Updates for Multiple Vulnerabilities

Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.

Event Information

Date (UTC)	Description
2007-12-21 15:29	US-CERT TA07-355A: Adobe Updates for Multiple Vulnerabilities Via US-CERT Mailing List
2007-12-19 08:09	US-CERT Adobe Flash Player Vulnerabilities Adobe has released updates described in the Adobe Security bulletin to address multiple vulnerabilities in Flash Player. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, and cross-site scripting. The Adobe Security bulletin states that all platforms running a vulnerable version of Flash Player are affected.
2007-12-19 07:44	SANS Internet Storm Center Adobe Flash Player and GoLive security updates Adobe has released updates which fix several critical vulnerabilities in Flash Player and GoLive.
2007-12-19	Adobe Flash Player ActiveX Control Universal Cross-Site Scripting Vulnerability Cross Domain Scripting Vulnerability Proof Of Concept (CVE-2007-6244) #Cid: 26960.as
2007-12-18	Adobe APSB07-20: Flash Player update available to address security vulnerabilities Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system.


Date first published (UTC):	2007-12-24T22:46+00:00
Date last updated (UTC):	2008-01-05T09:07+00:00