Sun Security Blog
Security
|
06 Apr 2009
Sun Alert 254909 Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-01)
Product: Solaris 10 Operating System OpenSolaris Multiple security vulnerabilities in Adobe Flash Player distributed with Solaris may allow a remote unprivileged user to execute arbitrary commands with the privileges of a local user on the system, or cause the web browser to crash if a malicious Shockwave Flash (SWF) file is loaded with the affected plugin. Being able to crash a web browser is a type of Denial of Service (DoS). In addition, a 'clickjacking' vulnerability in the Adobe Flash Player Settings Manager may allow a remote user to obtain sensitive information or execute arbitrary code on the system if a local user clicks on misleading Adobe Flash Player dialogues. These issues are described in the following documents: Adobe Security Bulletin ABSP09-01 at http://www.adobe.com/support/security/bulletins/apsb09-01.html CVE-2009-0519 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0519 CVE-2009-0520 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0520 CVE-2009-0114 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0114 State: Resolved First released: 16-Mar-2009
Permalink
|
Comments:
Post a Comment: Comments are closed for this entry. |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
