PCWorks: Flash Player Unspecified Code Execution Vulnerabilities

Wed, 15 Mar 2006 07:07:43 -0800

Everybody should update their Flash and/or Shockwave players for all their browsers. 

TITLE:
Flash Player Unspecified Code Execution Vulnerabilities

SECUNIA ADVISORY ID:
SA19218

RELEASE DATE:
2006-03-15

VERIFY ADVISORY:
http://secunia.com/advisories/19218/

CRITICAL:
Highly critical

WHERE:
From remote

IMPACT:
System access

SOFTWARE:
Macromedia Breeze 4.x
Macromedia Breeze 5.x
Macromedia Breeze Meeting Add-In
Macromedia Flash 8.x
Macromedia Flash MX 2004
Macromedia Flash MX Professional 2004
Macromedia Flash Player 7.x
Macromedia Flash Player 8.x
Macromedia Flex 1.x
Shockwave Player 10.x

DESCRIPTION:
Some vulnerabilities have been reported in Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to unspecified errors and can be exploited to execute arbitrary code on a user's system when a malicious SWF file is loaded. 


SOLUTION:
Install updated versions.

Flash Player 8.0.22.0 and earlier:
Update to version 8.0.24.0 or 7.0.63.0.
http://www.macromedia.com/go/getflash

Flash Player 8.0.22.0 and earlier - network distribution:
Update to version 8.0.24.0 or 7.0.63.0.
http://www.macromedia.com/licensing/distribution

Flash Professional 8, Flash Basic:
Update to version 8.0.24.0.
http://www.macromedia.com/support/flash/downloads.html

Flash MX 2004:
Update to version 7.0.63.0.
http://www.macromedia.com/support/flash/downloads.html

Flex 1.5:
Update to version 8.0.24.0.
http://www.macromedia.com/go/3d2855d6

Breeze Meeting Add-In:
Update to version 7.0.55.331 (Win) or 7.0.55.118 (Mac).
http://adobe.breezecentral.com/common/help/en/support/downloads.htm

Shockwave Player:
Update to version 10.1.1.
http://www.macromedia.com/shockwave/download/


REPORTED BY CREDITS:
The vendor credits Microsoft for reporting the vulnerabilities.


ORIGINAL ADVISORY:
Adobe Systems (formerly Macromedia):
http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html

Microsoft:
http://www.microsoft.com/technet/security/advisory/916208.mspx
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================

Reply via email to