Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue.

The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. 

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.

The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue :

  - This vulnerability (CVE-2011-0609) could cause a crash     and potentially allow an attacker to take control of the     affected system. There are reports that this     vulnerability is being exploited in the wild in targeted     attacks via a Flash (.swf) file embedded in a Microsoft     Excel (.xls) file delivered as an email attachment.

The remote host is affected by the vulnerability described in GLSA-201110-11 (Adobe Flash Player: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Adobe Flash Player.
      Please review the CVE identifiers and Adobe Security Advisories and       Bulletins referenced below for details.
  Impact :

    By enticing a user to open a specially crafted SWF file a remote       attacker could cause a Denial of Service or the execution of arbitrary       code with the privileges of the user running the application.
  Workaround :

    There is no known workaround at this time.

Adobe Product Security Incident Response Team reports :

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.

The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2011:0372 advisory.

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash     Player web browser plug-in.

    This update fixes one vulnerability in Adobe Flash Player. This     vulnerability is detailed on the Adobe security page APSB11-05, listed in     the References section. Specially-crafted SWF content could cause     flash-plugin to crash or, potentially, execute arbitrary code.
    (CVE-2011-0609)

    All users of Adobe Flash Player should install this updated package, which     upgrades Flash Player to version 10.2.153.1.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Versions of Flash Player earlier than 10.2.152.33 are potentially affected by an unspecified memory corruption vulnerability.  A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code. This bug is currently being exploited in the wild.

The remote Windows host contains a version of Adobe AIR earlier than 2.6.  Such versions are affected by a memory corruption vulnerability that could allow arbitrary code execution on the remote system or trigger a denial of service condition.

Versions of Google Chrome earlier than 10.0.648.134 contain a vulnerable version of Adobe Flash Player.   remote attacker could exploit this by tricking a user into viewing unspecified, malicious SWF content, resulting in arbitrary code execution.  Note that this issue is currently being exploited in the wild.

The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.153.1.  Such versions are affected by an unspecified memory corruption vulnerability. 

A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. 

This bug is currently being exploited in the wild.

The remote Windows host contains a version of Adobe Reader 9.x < 9.4.3 or 10.x < 10.1.  Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. 

A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. 

This bug is currently being exploited in the wild.

The remote Windows host contains a version of Adobe Acrobat 9.x < 9.4.3 or 10.x < 10.0.2. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll.

A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution.

This bug is currently being exploited in the wild.

ID	Name	Product	Family	Severity
75832	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)	Nessus	SuSE Local Security Checks	high
75831	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)	Nessus	SuSE Local Security Checks	high
75496	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)	Nessus	SuSE Local Security Checks	high
75495	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)	Nessus	SuSE Local Security Checks	high
57188	SuSE 10 Security Update : flash-player (ZYPP Patch Number 7398)	Nessus	SuSE Local Security Checks	high
56504	GLSA-201110-11 : Adobe Flash Player: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
53721	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)	Nessus	SuSE Local Security Checks	high
53720	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)	Nessus	SuSE Local Security Checks	high
52969	SuSE 10 Security Update : flash-player (ZYPP Patch Number 7391)	Nessus	SuSE Local Security Checks	high
52966	FreeBSD : linux-flashplugin -- remote code execution vulnerability (501ee07a-5640-11e0-985a-001b2134ef46)	Nessus	FreeBSD Local Security Checks	high
52959	SuSE 11.1 Security Update : flash-player (SAT Patch Number 4190)	Nessus	SuSE Local Security Checks	high
52760	RHEL 5 / 6 : flash-plugin (RHSA-2011:0372)	Nessus	Red Hat Local Security Checks	high
5827	Flash Player < 10.2.152.33 Unspecified Memory Corruption (APSB11-05)	Nessus Network Monitor	Web Clients	high
52755	Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05)	Nessus	Windows	high
800895	Google Chrome < 10.0.648.134 Code Execution Vulnerability	Log Correlation Engine	Web Clients	high
5823	Google Chrome < 10.0.648.134 Code Execution	Nessus Network Monitor	Web Clients	high
52673	Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05)	Nessus	Windows	high
52672	Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06)	Nessus	Windows	high
52671	Adobe Acrobat 9.x / 10.x Unspecified Memory Corruption (APSB11-06)	Nessus	Windows	high

Detections

Analytics

CVE-2011-0609

high

Tenable Plugins

high

high

high

high

high

critical

high

high

high

high

high

high

high

high

high

high

high

high

high