DOS NUEVAS VULNERABILIDADES, que afectan a productos Abode

Publicado: diciembre 4, 2009 de komz en 03.Vulnerabilidades
Etiquetas:, ,

1- Adobe Flash Player APSB09-19 Multiple Unspecified Remote Vulnerabilities (Published: Dec 03 2009  | Updated: Dec 03 2009)

Adobe has released advance notification that on December 8, 2009, the vendor will be releasing an advisory addressing multiple vulnerabilities affecting Flash Player and AIR. The highest severity rating of these issues is ‘Critical’.

The following products are affected:
Adobe Flash Player 10.0.32.18 and prior
Adobe AIR 1.5.2 and prior

REFERENCIA


2- Adobe Illustrator Encapsulated Postscript File Remote Buffer Overflow Vulnerability (Published: Dec 02 2009  |  Updated: Dec 03 2009)

Adobe Illustrator is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Encapsulated PostScript file.

Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects Illustrator CS4 14.0.0 and CS3 13.0.0; other versions may also be affected.

UPDATE (December 3, 2009): Adobe reports that they are investigating this issue. We will update this BID pending further information.

REFERENCIA


fuente: securityfocus.com


Responder

Por favor, inicia sesión con uno de estos métodos para publicar tu comentario:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s