Adobe Security Bulletins on Flash Player, Adobe Reader, Acrobat Reader and RoboHelp
Adobe released the following Security Advisory and Security Bulletins today:
Adobe Security Advisory:
- Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat
A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited. Adobe is planning to release updates to Adobe Reader and Acrobat to resolve the relevant security issue. Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009.
Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow.
http://www.adobe.com/support/security/advisories/apsa09-01.html
Adobe Security Bulletins:
- Flash Player update available to address security vulnerabilities
A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability.
Additional vulnerabilities have been addressed in this update. Adobe recommends users update to the most current version of Flash Player available for their platform.
http://www.adobe.com/support/security/bulletins/apsb09-01.html
- Updates available for RoboHelp Server Cross-Site Scripting issues
A specially crafted URL could be used to create a cross-site scripting attack on RoboHelp installations.
http://www.adobe.com/support/security/bulletins/apsb09-02.html