CVE-2009-1862 Information

Description

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2 and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file related to authplay.dll as exploited in the wild in July 2009.

Reference

http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html http://bugs.adobe.com/jira/browse/FP-1265 http://isc.sans.org/diary.html?storyid=6847 http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://news.cnet.com/8301-27080_3-10293389-245.html http://secunia.com/advisories/36193 http://secunia.com/advisories/36374 http://secunia.com/advisories/36701 http://security.gentoo.org/glsa/glsa-200908-04.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1 http://support.apple.com/kb/HT3864 http://support.apple.com/kb/HT3865 http://www.adobe.com/support/security/advisories/apsa09-03.html http://www.adobe.com/support/security/bulletins/apsb09-10.html http://www.adobe.com/support/security/bulletins/apsb09-13.html http://www.kb.cert.org/vuls/id/259425 http://www.securityfocus.com/bid/35759 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99 http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability