Adobe Security Advisory APSB09-05 for Flash Media Server
APSB09-05 Updates available to address Flash Media Server privilege escalation issue
Release date: April 30, 2009
Vulnerability identifier: APSB09-05
CVE number: CVE-2009-1365
Platform: Windows and Linux
Summary
A potential vulnerability has been identified in Flash Media Server 3.5.1 and earlier that could allow an attacker to execute remote procedures in Flash Media Interactive Server or Flash Media Streaming Server. Adobe recommends users update to the most current version of Flash Media Server (3.5.2 or 3.0.4 or greater)
Affected software versions
Adobe Flash Media Streaming Server 3.5.1, Adobe Flash Media Interactive Server 3.5.1 and earlier
To verify the Adobe Flash Media Server version, launch the Flash Media Server Administration console, click the Manage Servers > License tab, and note the release version.
Solution
Adobe recommends Flash Media Server administrators install the Flash Media Server 3.5.2 or 3.0.4 update.