—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Liebe Kolleginnen und Kollegen,
soeben erreichte uns nachfolgende Warnung. Wir geben diese Informationen
unveraendert an Sie weiter.
Bitte beachten Sie, dass dies ein Update des Advisories ist, das die
folgenden Aenderungen betrifft:
Mit diesem Update stellt Adobe einen Patch fuer die beschriebene
Schwachstelle zur Verfuegung.
CVE-2011-0609 – Schwachstelle im Adobe Flash Player
In Adobe Flash Player 10 und frueher sowie in der Bibliothek
Authplay.dll, die Bestandteil von Adobe Reader und Acrobat X ist, ist
eine bisher nicht naeher beschriebene Schwachstelle enthalten. Ein
entfernter Angreifer kann diese Schwachstelle mit einer manipulierten
Datei ausnutzen, um beliebige Befehle mit den Rechten der Anwendung zur
Ausfuehrung zu bringen. Ein Exploit zum Ausnutzen der Schwachstelle
durch ein Microsoft Excel Dokument mit eingebetteten Flash-Inhalten ist
bereits veroeffentlicht worden.
Betroffen sind die folgenden Software Pakete und Plattformen:
Adobe Flash Player 10.2.152.33 und frueher fuer Windows, Mac OS X,
Linux und Solaris
Adobe Flash Player 10.2.154.18 und frueher fuer Chrome
Adobe Flash Player 10.1.106.16 und frueher fuer Android
Die Bibliothek Authplay.dll in Adobe Reader und Acrobat X in den
Versionen 9.x und 10.x bis einschliesslich 10.0.1 fuer Windows und Mac
OS X
Windows
Mac OS X
Linux
Solaris
Chrome
Android
Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.
(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.
Mit freundlichen Gruessen,
Michael Groening, DFN-CERT
– —
Michael Groening (Incident Response Team)
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Automatische Warnmeldungen https://www.cert.dfn.de/autowarn
Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
Release date: March 14, 2011
Last updated: March 21, 2011
Vulnerability identifier: APSA11-01
CVE number: CVE-2011-0609
Platform: All Platforms
Summary
A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.
This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.
Adobe recommends users of Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier versions for Chrome users) for Windows, Macintosh, Linux, and Solaris operating systems update to Adobe Flash Player 10.2.153.1 (Adobe Flash Player 10.2.154.25 for Chrome users). Adobe recommends users of Adobe Flash Player 10.1.106.16 and earlier versions for Android update to Adobe Flash Player 10.2.153.1. Adobe recommends users of Adobe AIR 2.5.1 and earlier versions for Windows, Macintosh and Linux update to Adobe AIR 2.6. For more information, please refer to Security Bulletin APSB11-05.
Adobe recommends users of Adobe Reader X (10.0.1) for Macintosh update to Adobe Reader X (10.0.2). For users of Adobe Reader 9.4.2 for Windows and Macintosh, Adobe has made available the update, Adobe Reader 9.4.3. Adobe recommends users of Adobe Acrobat X (10.0.1) for Windows and Macintosh update to Adobe Acrobat X (10.0.2). Adobe recommends users of Adobe Acrobat 9.4.2 for Windows and Macintosh update to Adobe Acrobat 9.4.3. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011. For more information, please refer to Security Bulletin APSB11-06.
Affected software versions
* Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
* Adobe Flash Player 10.2.154.18 and earlier for Chrome users
* Adobe Flash Player 10.1.106.16 and earlier for Android
* The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this issue.
Severity rating
Adobe categorizes this as a critical issue.
Revisions
March 21, 2011 – Updated with information on Security Bulletin APSB11-05 and Security Bulletin APSB11-06
March 18, 2011 – Updated with information on Flash Player for Android and Google Chrome
March 17, 2011 – Added Mitigations section
March 14, 2011 – Updated Chrome Flash Player version information (changed from 10.2.154.13 to 10.2.154.18)
March 14, 2011 – Bulletin released.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.9 (GNU/Linux)
iQEcBAEBAgAGBQJNiJp9AAoJEJtyb8U7iGZBvBcH/RZJQ6RA6ibn8xACVdQ5HKzm
mYUBwhXtWp98gU7TxH+C4YpXryijdHoWtTwk/Q2j4Swaik2kNkpITEo9QyNsPuPX
2Uk/wP6tkKWFDC8xV7kIWAxO29mYoLoYmQzouHjQJNgyPapzWkz+tliJRtEbku1i
hnwEiCCtfO4ylo0mYoNiiRtiPXLwEN6rJAGZvdR9+hAnkPLL+zrh+Q21AFwQlJyE
MUcvsaqmB73wbqlDr6LE2Uy/pcrEl2wZRUHp5+weGvuGmbYnnPiZ+X9wn8T1iKYo
lWxdJnI2zFZh4775eGRtzv+Z39/jraEtc2jvO+NAsEZc0BOcIm/Ap3tC5R+S96g=
=tQiX
—–END PGP SIGNATURE—–
