FYI...Adobe - multiple critical updatesFlash Player- critical update
June 14, 2011 - "A critical
vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions... Adobe recommends... update to Adobe Flash Player 10.3.181.26
... Note:... does -not- affect the Authplay.dll component that ships with Adobe Reader and Acrobat..."
CVE number: CVE-2011-2110Direct download current version
- executable Flash Player installer... to your Desktop, then double-click to install.
For IE ...
For Firefox, other browsers, etc...
Flash test site: http://www.adobe.com/software/flash/about/
Last revised: 06/17/2011
CVSS v2 Base Score: 10.0 (HIGH)
Release Date: 2011-06-15
Criticality level: Extremely critical
NOTE: The vulnerability is reportedly being actively exploited in targeted attacks...
10.3.181.23 and earlier...
Solution: Apply updates... (10.3.181.26)
___Reader and Acrobat - critical updates
June 14, 2011 - "Critical
vulnerabilities have been identified in Adobe Reader X (10.0.1) and earlier versions for Windows, Adobe Reader X (10.0.3) and earlier versions for Macintosh, and Adobe Acrobat X (10.0.3) and earlier...
Adobe recommends users of Adobe Reader X (10.0.3) and earlier versions for Windows and Macintosh update to Adobe Reader X (10.1)
. For users of Adobe Reader 9.4.4 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader X (10.1), Adobe has made available updates, Adobe Reader 9.4.5 and Adobe Reader 8.3
Adobe recommends users of Adobe Acrobat X (10.0.3) for Windows and Macintosh update to Adobe Acrobat X (10.1)
. Adobe recommends users of Adobe Acrobat 9.4.4 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.4.5
, and users of Adobe Acrobat 8.2.6 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.3
... Users can utilize the product's update mechanism
CVE numbers: CVE-2011-2094, CVE-2011-2095, CVE-2011-2096, CVE-2011-2097, CVE-2011-2098, CVE-2011-2099, CVE-2011-2100, CVE-2011-2101, CVE-2011-2102, CVE-2011-2103, CVE-2011-2104, CVE-2011-2105, CVE-2011-2106... before 8.3, 9.x before 9.4.5, and 10.x before 10.1...
June 14 2011
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network...
Version(s): 8.x - 8.2.6, 9.x - 9.4.4, 10.x - 10.0.3
Solution: The vendor has issued a fix (8.3, 9.4.5, 10.1).
___Shockwave Player - critical update
June 14, 2011 - "Critical
vulnerabilities have been identified in Adobe Shockwave Player 188.8.131.520 and earlier versions... Adobe recommends users of Adobe Shockwave Player 184.108.40.2060 and earlier versions upgrade to the newest version 220.127.116.116
, available here: http://get.adobe.com/shockwave/
CVE number: CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2108, CVE-2011-2109, CVE-2011-2111, CVE-2011-2112, CVE-2011-2113, CVE-2011-2114, CVE-2011-2115, CVE-2011-2116, CVE-2011-2117, CVE-2011-2118, CVE-2011-2119, CVE-2011-2120, CVE-2011-2121, CVE-2011-2122, CVE-2011-2123, CVE-2011-2124, CVE-2011-2125, CVE-2011-2126, CVE-2011-2127
___Hotfix available for ColdFusion
June 14, 2011 - "Important
vulnerabilities have been identified in ColdFusion 9.0.1 and earlier versions for Windows, Macintosh and UNIX. These vulnerabilities could lead to a cross-site request forgery (CSRF) or a remote denial-of-service (DoS). Adobe recommends users update their product...
Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the technote:
CVE number: CVE-2011-0629, CVE-2011-2091
___LiveCycle Data Services, LiveCycle ES, and BlazeDS - Security update
June 14, 2011 - "Two important
security vulnerabilities have been identified in LiveCycle Data Services and BlazeDS. These vulnerabilities affect LiveCycle Data Services 3.1, 2.6.1, 2.5.1 and earlier versions for Windows, Macintosh and UNIX, and LiveCycle 18.104.22.168, 22.214.171.124, 126.96.36.199 and earlier versions for Windows, Linux and UNIX. These vulnerabilities also affect BlazeDS 4.0.1 and earlier versions. Adobe recommends users update their product...
Solution... " Use the URL above for instructions and links.
CVE number: CVE-2011-2092, CVE-2011-2093