Date (UTC) | Description |
2008-04-09 15:36 |
US-CERT TA08-100A: Adobe Flash Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
|
2008-04-09 11:34 |
US-CERT Adobe Flash Player Vulnerabilities
US-CERT Current Activity
Adobe has released Flash Player 9.0.124.0 to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code or conduct cross-site scripting attacks.
|
2008-04-09 00:43 |
SANS Internet Storm Center Critical vulnerabilities in Adobe Flash Player
Adobe has released a security bulletin today, APSB08-11, to address multiple vulnerabilities in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, that could lead to the potential execution of arbitrary code remotely. Additionally the update includes DNS rebinding attack and cross-domain policy countermeasures.
|
2008-04-08 |
IBM Internet Security Systems Adobe Flash Player Invalid Pointer Vulnerability
Invalid Pointer Vulnerability (CVE-2007-0071)
Adobe Flash Player is vulnerable to a buffer overflow, caused by an integer overflow vulnerability in the processing of multimedia files. By creating a specially-crafted multimedia file and persuading the victim to open the file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
|
2008-04-08 |
Adobe APSB08-11: Flash Player update available to address security vulnerabilities
Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. It is recommended users update to the most current version of Flash Player available for their operating system.
|
2008-02-07 |
Zero Day Initiative (ZDI) ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
Invalid Object Use Vulnerability (CVE-2007-6019)
Vulnerability Reported
This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Flash Player. User interaction is required in that a user must visit a malicious web site.
|
2007-12-19 |
Secunia Research 2007-103: Adobe Flash Player "Declare Function (V7)" Heap Overflow
Invalid Object Use / Declare Function (V7) tag Vulnerability (CVE-2007-6019)
Vulnerability Reported
|