Jump to content


Photo

Adobe multiple vulns


  • Please log in to reply
106 replies to this topic

#101 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 04 February 2014 - 03:11 PM

FYI...

Flash 12.0.0.44 released
- http://helpx.adobe.c.../apsb14-04.html
Feb 4, 2014
CVE number: https://web.nvd.nist...d=CVE-2014-0497 - 10.0 (HIGH)
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.335 and earlier versions for Linux. These updates address a critical vulnerability that could potentially allow an attacker to remotely take control of the affected system. Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users update their product installations to the latest versions:
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 11.2.202.335 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.336.
- Adobe Flash Player 12.0.0.41 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.44 for Windows, Macintosh and Linux.
- Adobe Flash Player 12.0.0.38 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.0.
- Adobe Flash Player 12.0.0.38 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.1...
These updates address -critical- vulnerabilities in the software...

- https://www.adobe.co...tribution3.html

Flash test site:
- http://www.adobe.com...re/flash/about/

- http://helpx.adobe.c...ash-player.html
___

- https://secunia.com/advisories/56737/
Release Date: 2014-02-05
Criticality: Extremely Critical
Where: From remote
Impact: System access
Solution Status: Vendor Patch
... vulnerability is actively exploited in the wild.
Reported as a 0-Day...
CVE Reference: CVE-2014-0497
Solution: Update to a fixed version...

- http://atlas.arbor.n...index#375357101
High Severity
6 Feb 2014

CVE-2014-0497 – a 0-day vulnerability
- https://www.secureli...y_vulnerability
Feb 5, 2014
 

:ph34r: :(


Edited by AplusWebMaster, 07 February 2014 - 12:31 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#102 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 11 February 2014 - 05:06 PM

FYI...

Shockwave Player 12.0.9.149 released
- http://helpx.adobe.c.../apsb14-06.html
Feb 11, 2014
CVE number:
- https://web.nvd.nist...d=CVE-2014-0500 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-0501 - 10.0 (HIGH)
Platform: Windows and Macintosh
Summary: Adobe has released a security update for Adobe Shockwave Player 12.0.7.148 and earlier versions on the Windows and Macintosh operating systems. This update addresses critical vulnerabilities that could potentially allow an attacker to remotely take control of the affected system... Adobe recommends users of Adobe Shockwave Player 12.0.7.148 and earlier versions update to the newest version 12.0.9.149, available here:
- http://get.adobe.com/shockwave/
___

Test Shockwave
- http://www.adobe.com...ckwave/welcome/
___

- https://secunia.com/advisories/56740/
Release Date: 2014-02-11
Criticality: Highly Critical
Where: From remote
Impact: System access
CVE Reference(s): CVE-2014-0500, CVE-2014-0501
Solution: Update to version 12.0.9.149
 

:ph34r:


Edited by AplusWebMaster, 12 February 2014 - 07:37 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#103 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 20 February 2014 - 02:47 PM

FYI...

Flash 12.0.0.70 released
- http://helpx.adobe.c.../apsb14-07.html
Feb 20, 2014
CVE number:
- https://web.nvd.nist...d=CVE-2014-0498 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-0499 - 7.8 (HIGH)
- https://web.nvd.nist...d=CVE-2014-0502 - 10.0 (HIGH)
Last revised: 02/21/2014 - "... as exploited in the wild in February 2014..."
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations to the latest versions:
- Users of Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.70.
- Users of Adobe Flash Player 11.2.202.336 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.341.
- Adobe Flash Player 12.0.0.44 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.70 for Windows, Macintosh and Linux.
- Adobe Flash Player 12.0.0.44 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 12.0.0.70 for Windows 8.0.
- Adobe Flash Player 12.0.0.44 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 12.0.0.70 for Windows 8.1.
- Users of Adobe AIR 4.0.0.1390 and earlier versions for Android should update to Adobe AIR 4.0.0.1628.
- Users of the Adobe AIR 4.0.0.1390 SDK and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK.
- Users of the Adobe AIR 4.0.0.1390 SDK & Compiler and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK & Compiler...

- https://www.adobe.co...tribution3.html

Flash test site:
- http://www.adobe.com...re/flash/about/

- http://helpx.adobe.c...ash-player.html

Adobe AIR
- http://get.adobe.com/air/
___

- https://secunia.com/advisories/57057/
Release Date: 2014-02-21
Criticality: Extremely Critical
Where: From remote
Impact: Exposure of sensitive information, System access...
Solution:
Update to a fixed version...
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 21 February 2014 - 11:34 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#104 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 11 March 2014 - 10:45 AM

FYI...

Flash 12.0.0.77 released
- http://helpx.adobe.c.../apsb14-08.html
March 11, 2014
CVE number:
- https://web.nvd.nist...d=CVE-2014-0503 - 6.4
- https://web.nvd.nist...d=CVE-2014-0504 - 5.0
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.341 and earlier versions for Linux. These updates address -important- vulnerabilities, and Adobe recommends users update their product installations to the latest versions:
- Users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.77
- Users of Adobe Flash Player 11.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.346
- Adobe Flash Player 12.0.0.70 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.77 for Windows, Macintosh and Linux.
- Adobe Flash Player 12.0.0.70 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 12.0.0.77 for Windows 8.0.
- Adobe Flash Player 12.0.0.70 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 12.0.0.77 for Windows 8.1...

- https://www.adobe.co...tribution3.html

Flash test site:
- http://www.adobe.com...re/flash/about/

- http://helpx.adobe.c...ash-player.html
 

:ph34r:


Edited by AplusWebMaster, 12 March 2014 - 02:34 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#105 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 13 March 2014 - 01:43 PM

FYI...

Shockwave 12.0.9.150 released
- http://helpx.adobe.c.../apsb14-10.html
March 13, 2014
CVE number: https://web.nvd.nist...d=CVE-2014-0505 - 10.0 (HIGH)
Platform: Windows and Macintosh
Summary: Adobe has released a security update for Adobe Shockwave Player 12.0.9.149 and earlier versions on the Windows and Macintosh operating systems. This update addresses a -critical- vulnerability that could potentially allow an attacker to remotely take control of the affected system. Adobe recommends users of Adobe Shockwave Player 12.0.9.149 and earlier versions update to Adobe Shockwave Player 12.1.0.150 using the instructions provided in the "Solution" section...
Solution: Adobe recommends users of Adobe Shockwave Player 12.0.9.149 and earlier versions update to the newest version 12.1.0.150, available here:
- http://get.adobe.com/shockwave/
___

- https://secunia.com/advisories/57277/
Release Date: 2014-03-14
Criticality: Highly Critical
Where: From remote
Impact: System access...
... vulnerability is reported in versions 12.0.9.149 and prior running on Windows and Macintosh.
Solution: Update to version 12.1.0.150.
 

:ph34r:


Edited by AplusWebMaster, 14 March 2014 - 04:31 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#106 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 08 April 2014 - 01:09 PM

FYI...

Flash 13.0.0.182 released
- http://helpx.adobe.c.../apsb14-09.html
Release date: April 8, 2014
Vulnerability identifier: APSB14-09
CVE number: CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, CVE-2014-0509
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.346 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest versions:
- Users of Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.182
- Users of Adobe Flash Player 11.2.202.346 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.350.
- Adobe Flash Player 12.0.0.77 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 13.0.0.182 for Windows, Macintosh and Linux.
- Adobe Flash Player 12.0.0.77 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 13.0.0.182 for Windows 8.0.
- Adobe Flash Player 12.0.0.77 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 13.0.0.182 for Windows 8.1.
- Users of Adobe AIR 4.0.0.1628 and earlier versions for Android should update to Adobe AIR 13.0.0.83.
- Users of the Adobe AIR 4.0.0.1628 SDK and earlier versions should update to the Adobe AIR 13.0.0.83 SDK.
- Users of the Adobe AIR 4.0.0.1628 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.83 SDK & Compiler...
* Beginning May 13, 2014, Adobe Flash Player 13 for Mac and Windows will replace version 11.7 as the extended support version. Adobe recommends users upgrade to version 13 to continue to receive security updates. See this blog post for further details:
http://blogs.adobe.c...rt-release.html
___

- https://www.adobe.co...tribution3.html

Flash test site:
- http://www.adobe.com...re/flash/about/

- http://helpx.adobe.c...ash-player.html

AIR download:
- http://get.adobe.com/air/
 

:ph34r:


Edited by AplusWebMaster, 08 April 2014 - 01:12 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#107 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 14 April 2014 - 10:52 PM

FYI...

Adobe Reader Mobile 11.2 released
- http://helpx.adobe.c.../apsb14-12.html
April 14, 2014
CVE Number: http://web.nvd.nist....d=CVE-2014-0514 - 9.3
Platform: Android
Summary: Adobe has released a security update for Adobe Reader Mobile for the Android operating system. This update addresses a vulnerability that could be exploited to gain remote code execution on the affected system. Adobe recommends users update their product installations...
Solution: Adobe recommends users of Adobe Reader Mobile update to the newest version, available here:
- https://play.google....om.adobe.reader
This update addresses a critical vulnerability in the software..."
___

- https://secunia.com/advisories/57928/
Release Date: 2014-04-15
Criticality: Highly Critical
Where: From remote
Impact: System access ...
CVE Reference: https://cve.mitre.or...e=CVE-2014-0514
... vulnerability is reported in versions 11.1.3 and prior.
Solution: Update to version 11.2.
Original Advisory: APSB14-12:
- http://helpx.adobe.c.../apsb14-12.html
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 20 April 2014 - 09:05 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button