Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: iDefense Security Advisory 02.24.09: Adobe Flash Player Invalid Object Reference Vulnerability
From: imipak <imipak () gmail com>
Date: Wed, 25 Feb 2009 15:29:59 +0000

Ray P wrote:

"iDefense has confirmed the existence of this vulnerability in latest
version of Flash Player, version 9.0.124.0."

What am I missing here? Flash 9.0.124 has been out since April 2008 and
the version of Flash 9 on my computer is 9.0.154.



From the Adobe advisory at
http://www.adobe.com/support/security/bulletins/apsb09-01.html :

---------------------------------------------------------
[...]
Solution

Adobe recommends all users of Adobe Flash Player 10.0.12.36 and
earlier versions upgrade to the newest version 10.0.22.87 by
downloading it from the Player Download Center, or by using the
auto-update mechanism within the product when prompted.

For users who cannot update to Flash Player 10, Adobe has developed a
patched version of Flash Player 9, Flash Player 9.0.159.0, which can
be downloaded from the following link.
[...]
---------------------------------------------------------



-- 
make way for history
flickering like a long-lost memory

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Re: iDefense Security Advisory 02.24.09: Adobe Flash Player Invalid Object Reference Vulnerability imipak (Feb 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]