Adobe Flash Vulnerability CVE-2011-0609

Adobe Flash Vulnerability

Vulnerability Detail:
Unspecified vulnerability in Adobe Flash Player and earlier on Windows, Mac OS X, Linux, and Solaris and and earlier on Android, and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Adobe Advisory

Affected Versions:
Adobe Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
Adobe Flash Player and earlier for Chrome users
Adobe Flash Player and earlier for Android
The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this issue.

Adobe Patch Schedule

Metasploit Blog Post (Explanation and Example)

A vdo walkthrough on using this vulnerability on Metasploit by WowZataz

No comments:

Post a Comment