Security advisory for Adobe Reader, Acrobat and Flash Player
Release date: July 22, 2009
Last Updated: July 23, 2009
Vulnerability identifier: APSA09-03
CVE number: CVE-2009-1862
Platform: All Platforms
SummaryA critical vulnerability exists in the current versions of Flash Player (v220.127.116.11 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows.
Removed a large portion of the quote in order to comply with the rules of fair use.
Edited by Orange Blossom, 24 July 2009 - 10:43 PM.