- #ADOBE FLASH PLAYER 9 PROBLEMS UPDATE#
- #ADOBE FLASH PLAYER 9 PROBLEMS UPGRADE#
- #ADOBE FLASH PLAYER 9 PROBLEMS SOFTWARE#
#ADOBE FLASH PLAYER 9 PROBLEMS UPDATE#
(CVE-2007-2022) Affected softwareįlash Player 9.0.45.0 and earlier network distributionįlash Player 9.0.45.0 and earlier for Linuxįlash Player 9 Update for Flash CS3 Professionalįlash Player 8 Update for Flash Professional 8, Flash BasicĪdobe would like to thank Stefano DiPaola, Elia Florio and Giorgio Fedon for reporting the input validation error (CVE-2007-3456) and for working with us to help protect our customers’ security.Īdobe would like to thank Daiki Fukumori of Secure Sky Technology, Inc. These issues do not impact Flash Player 9 on Linux or Solaris. The Linux and Solaris updates for Flash Player 7 (7.0.70.0) address the issues with Flash Player and the Opera and Konqueror browsers described in Security Advisory APSA07-03. This issue could potentially aid an attacker in executing a cross-site request forgery attack. This issue does not affect Flash Player 9. (CVE-2007-3456)Īn issue with insufficient validation of the HTTP Referer has been identified in Flash Player 8.0.34.0 and earlier. This vulnerability could be accessed through content delivered from a remote location via the user’s web browser, email client, or other applications that include or reference the Flash Player. DetailsĪn input validation error has been identified in Flash Player 9.0.45.0 and earlier versions that could lead to the potential execution of arbitrary code.
#ADOBE FLASH PLAYER 9 PROBLEMS UPGRADE#
Severity ratingĪdobe categorizes this as a critical issue and recommends affected users upgrade to version 9.0.47.0 (Win, Mac, Solaris) or 9.0.48.0 (Linux). Please refer to the Flash Player update TechNote. SolutionĪdobe recommends all users of Adobe Flash Player 9.0.45.0 and earlier versions upgrade to the newest version 9.0.47.0 (Win, Mac, Solaris) or 9.0.48.0 (Linux), by downloading it from the Player Download Center, or by using the auto-update mechanism within the product when prompted.įor customers who cannot upgrade to Adobe Flash Player 9, Adobe has developed a patched version of Flash Player 7. If you use multiple browsers, perform the check for each browser you have installed on your system. To verify the Adobe Flash Player version number, access the About Flash Player page, or right-click on Flash content and select “About Adobe (or Macromedia) Flash Player” from the menu.
#ADOBE FLASH PLAYER 9 PROBLEMS SOFTWARE#
Affected software versionsĪdobe Flash Player 9.0.45.0 and earlier, 8.0.34.0 and earlier, and 7.0.69.0 and earlier.
Users are recommended to update to the most current version of Flash Player available for their platform. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Security bulletin Flash Player update available to address security vulnerabilitiesĬVE number: CVE-2007-3456, CVE-2007-3457, CVE-2007-2022Ĭritical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system.
0 kommentar(er)
