CVE-2011-0609 Information

Description

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows Mac OS X Linux and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content as demonstrated by a .swf file embedded in an Excel spreadsheet and as exploited in the wild in March 2011.

Reference

http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://secunia.com/advisories/43751 http://secunia.com/advisories/43757 http://secunia.com/advisories/43772 http://secunia.com/advisories/43856 http://securityreason.com/securityalert/8152 http://www.adobe.com/support/security/advisories/apsa11-01.html http://www.adobe.com/support/security/bulletins/apsb11-06.html http://www.kb.cert.org/vuls/id/192052 http://www.redhat.com/support/errata/RHSA-2011-0372.html http://www.securityfocus.com/bid/46860 http://www.securitytracker.com/id?1025210 http://www.securitytracker.com/id?1025211 http://www.securitytracker.com/id?1025238 http://www.vupen.com/english/advisories/2011/0655 http://www.vupen.com/english/advisories/2011/0656 http://www.vupen.com/english/advisories/2011/0688 http://www.vupen.com/english/advisories/2011/0732 https://exchange.xforce.ibmcloud.com/vulnerabilities/66078 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14147