U radu programskog paketa Adobe Flash Player uočen je niz sigurnosnih nedostataka. Moguće ih je iskoristiti udaljeno za pokretanje proizvoljnog programskog koda, izvođenje DoS napada i zaobilaženje postavljenih ograničenja.
Secunia Advisory SA47886
Oracle Solaris Adobe Flash Player Multiple Vulnerabilities
Release Date 2012-02-08
Criticality level Highly criticalHighly critical
Impact Security Bypass
System access
Where From remote
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Remediation status Secunia CSI, Secunia PSI
Automated scanning Secunia CSI, Secunia PSI
Operating System
Sun Solaris 10.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2011-2445 CVSS available in Customer Area
CVE-2011-2450 CVSS available in Customer Area
CVE-2011-2451 CVSS available in Customer Area
CVE-2011-2452 CVSS available in Customer Area
CVE-2011-2453 CVSS available in Customer Area
CVE-2011-2454 CVSS available in Customer Area
CVE-2011-2455 CVSS available in Customer Area
CVE-2011-2456 CVSS available in Customer Area
CVE-2011-2457 CVSS available in Customer Area
CVE-2011-2458 CVSS available in Customer Area
CVE-2011-2459 CVSS available in Customer Area
CVE-2011-2460 CVSS available in Customer Area
Description
Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information:
SA46818
Solution
Apply patches.
Further details available in Customer Area
Original Advisory
http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer4
Posljednje sigurnosne preporuke