Gentoo Archives: gentoo-announce

From: Robert Buchholz <rbu@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200908-04 ] Adobe products: Multiple vulnerabilities
Date: Fri, 07 Aug 2009 12:05:23
Message-Id: 200908071401.34386.rbu@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200908-04
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Adobe products: Multiple vulnerabilities
9 Date: August 07, 2009
10 Bugs: #278813, #278819
11 ID: 200908-04
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities in Adobe Reader and Adobe Flash Player allow
19 for attacks including the remote execution of arbitrary code.
20
21 Background
22 ==========
23
24 Adobe Flash Player is a closed-source playback software for Flash SWF
25 files. Adobe Reader is a closed-source PDF reader that plays Flash
26 content as well.
27
28 Affected packages
29 =================
30
31 -------------------------------------------------------------------
32 Package / Vulnerable / Unaffected
33 -------------------------------------------------------------------
34 1 www-plugins/adobe-flash < 10.0.32.18 >= 10.0.32.18
35 2 app-text/acroread < 9.1.3 >= 9.1.3
36 -------------------------------------------------------------------
37 2 affected packages on all of their supported architectures.
38 -------------------------------------------------------------------
39
40 Description
41 ===========
42
43 Multiple vulnerabilities have been reported in Adobe Flash Player:
44
45 * lakehu of Tencent Security Center reported an unspecified memory
46 corruption vulnerability (CVE-2009-1862).
47
48 * Mike Wroe reported an unspecified vulnerability, related to
49 "privilege escalation" (CVE-2009-1863).
50
51 * An anonymous researcher through iDefense reported an unspecified
52 heap-based buffer overflow (CVE-2009-1864).
53
54 * Chen Chen of Venustech reported an unspecified "null pointer
55 vulnerability" (CVE-2009-1865).
56
57 * Chen Chen of Venustech reported an unspecified stack-based buffer
58 overflow (CVE-2009-1866).
59
60 * Joran Benker reported that Adobe Flash Player facilitates
61 "clickjacking" attacks (CVE-2009-1867).
62
63 * Jun Mao of iDefense reported a heap-based buffer overflow, related
64 to URL parsing (CVE-2009-1868).
65
66 * Roee Hay of IBM Rational Application Security reported an
67 unspecified integer overflow (CVE-2009-1869).
68
69 * Gareth Heyes and Microsoft Vulnerability Research reported that the
70 sandbox in Adobe Flash Player allows for information disclosure, when
71 "SWFs are saved to the hard drive" (CVE-2009-1870).
72
73 Impact
74 ======
75
76 A remote attacker could entice a user to open a specially crafted PDF
77 file or web site containing Adobe Flash (SWF) contents, possibly
78 resulting in the execution of arbitrary code with the privileges of the
79 user running the application, or a Denial of Service (application
80 crash). Furthermore, a remote attacker could trick a user into clicking
81 a button on a dialog by supplying a specially crafted SWF file and
82 disclose sensitive information by exploiting a sandbox issue.
83
84 Workaround
85 ==========
86
87 There is no known workaround at this time.
88
89 Resolution
90 ==========
91
92 All Adobe Flash Player users should upgrade to the latest version:
93
94 # emerge --sync
95 # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.0.32.18"
96
97 All Adobe Reader users should upgrade to the latest version:
98
99 # emerge --sync
100 # emerge --ask --oneshot --verbose ">=app-text/acroread-9.1.3"
101
102 References
103 ==========
104
105 [ 1 ] CVE-2009-1862
106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
107 [ 2 ] CVE-2009-1863
108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1863
109 [ 3 ] CVE-2009-1864
110 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1864
111 [ 4 ] CVE-2009-1865
112 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1865
113 [ 5 ] CVE-2009-1866
114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1866
115 [ 6 ] CVE-2009-1867
116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1867
117 [ 7 ] CVE-2009-1868
118 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1868
119 [ 8 ] CVE-2009-1869
120 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1869
121 [ 9 ] CVE-2009-1870
122 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1870
123
124 Availability
125 ============
126
127 This GLSA and any updates to it are available for viewing at
128 the Gentoo Security Website:
129
130 http://security.gentoo.org/glsa/glsa-200908-04.xml
131
132 Concerns?
133 =========
134
135 Security is a primary focus of Gentoo Linux and ensuring the
136 confidentiality and security of our users machines is of utmost
137 importance to us. Any security concerns should be addressed to
138 security@g.o or alternatively, you may file a bug at
139 https://bugs.gentoo.org.
140
141 License
142 =======
143
144 Copyright 2009 Gentoo Foundation, Inc; referenced text
145 belongs to its owner(s).
146
147 The contents of this document are licensed under the
148 Creative Commons - Attribution / Share Alike license.
149
150 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature