News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
October 30, 2014, 09:39:46
Pages: 1 2 3 [4] 5 6 ... 10   Go Down
  Print  
Topic: Adobe updates/advisories  (Read 51905 times)
0 Members and 1 Guest are viewing this topic.
« Reply #45 on: June 29, 2010, 13:50:08 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Reader/Acrobat v9.3.3 released
- http://www.adobe.com/support/security/bulletins/apsb10-15.html
June 29, 2010 - CVE numbers: CVE-2010-1240, CVE-2010-1285, CVE-2010-1295, CVE-2010-1297, CVE-2010-2168, CVE-2010-2201, CVE-2010-2202, CVE-2010-2203, CVE-2010-2204, CVE-2010-2205, CVE-2010-2206, CVE-2010-2207, CVE-2010-2208, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, CVE-2010-2212
Platform: All Platforms
Summary: Critical vulnerabilities have been identified in Adobe Reader/Acrobat 9.3.2... Adobe recommends users of Adobe Reader/Acrobat 9.3.2 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader/Acrobat 9.3.3. (For Adobe Reader/Acrobat users on Windows and Macintosh, who cannot update to Adobe Reader/Acrobat 9.3.3, Adobe has provided the Adobe Reader/Acrobat 8.2.3 update.)...
Adobe Reader/Acrobat - Users can utilize the product's automatic update feature. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates...

- http://www.adobe.com/support/downloads/new.jsp

- http://secunia.com/advisories/40034/
Last Update: 2010-06-30
Criticality level: Extremely critical
Impact: System access
Where: From remote ...
NOTE: The vulnerability is currently being actively exploited...
Solution: Update to version 9.3.3 or 8.2.3.

- http://securitytracker.com/alerts/2010/Jun/1024159.html
Jun 29 2010

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1240
Last revised: 07/02/2010
CVSS v2 Base Score: 9.3 (HIGH)
"... Acrobat 9.x before 9.3.3, and 8.x before 8.2.3..."
- http://isc.sans.edu/diary.html?storyid=9112
Last Updated: 2010-07-02 02:43:08 UTC

 Exclamation
« Last Edit: July 02, 2010, 03:35:58 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #46 on: August 10, 2010, 17:28:11 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Flash Player / Adobe AIR - critical updates
- http://www.adobe.com/support/security/bulletins/apsb10-16.html
August 10, 2010 - "Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Adobe Flash Player 10.1.53.64 and earlier versions update to Adobe Flash Player 10.1.82.76. Adobe recommends users of Adobe AIR 2.0.2.12610 and earlier versions update to Adobe AIR 2.0.3.
CVE number: CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
Affected software versions:
• Adobe Flash Player 10.1.53.64 and earlier versions for Windows, Macintosh, Linux, and Solaris
• Adobe AIR 2.0.2.12610 and earlier versions for Windows, Macintosh and Linux...
For users who cannot update to Flash Player 10.1.82.76, Adobe has developed a patched version of Flash Player 9, Flash Player 9.0.280, which can be downloaded from here*...
Adobe recommends all users of Adobe AIR 2.0.2.12610 and earlier versions update to the newest version 2.0.3 by downloading it from the Adobe AIR Download Center:
- http://get.adobe.com/air/

* http://kb2.adobe.com/cps/406/kb406791.html

Direct download current version - executable Flash Player installer...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
For IE ...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
For Firefox, other browsers, etc...

Flash test site: http://www.adobe.com/software/flash/about/
... should read: "You have version 10,1,82,76 installed"
___

Adobe Flash Media Server - critical update
- http://www.adobe.com/support/security/bulletins/apsb10-19.html
August 10, 2010
CVE number: CVE-2010-2217, CVE-2010-2218, CVE-2010-2219, CVE-2010-2220
Platform: Windows, Linux ...
___

Hotfix available for ColdFusion
- http://www.adobe.com/support/security/bulletins/apsb10-18.html
August 10, 2010
Affected software versions: ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and earlier versions for Windows, Macintosh and UNIX
Solution: Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the technote**...
Severity rating: Adobe categorizes this as an important update...
** http://kb2.adobe.com/cps/857/cpsid_85766.html
___

- http://secunia.com/advisories/40907/
- http://secunia.com/advisories/40909/
- http://secunia.com/advisories/40910/
Release Date: 2010-08-11
___

http://www.securitytracker.com/id?1024313 - Flash Player
http://www.securitytracker.com/id?1024315 - Flash Media Server
http://www.securitytracker.com/id?1024314 - ColdFusion
Aug 10 2010
___

- http://www.adobe.com/support/security/severity_ratings.html
"Critical: A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.
 Important: A vulnerability, which, if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources in a user's computer..."

 Exclamation
« Last Edit: August 23, 2010, 18:39:08 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #47 on: August 22, 2010, 00:28:14 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Reader/Acrobat v9.3.4 released
- http://www.adobe.com/support/security/bulletins/apsb10-17.html
August 19, 2010
CVE numbers:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2862
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1240
Platform: All Platforms
Summary: Critical vulnerabilities have been identified in Adobe Reader 9.3.3 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.3 (and earlier versions) and Adobe Acrobat 8.2.3 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system... Adobe recommends users of Adobe Reader 9.3.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.4. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.4, Adobe has provided the Adobe Reader 8.2.4 update*.) Adobe recommends users of Adobe Acrobat 9.3.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.4. Adobe recommends users of Adobe Acrobat 8.2.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.4...
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2010-2862).
These updates further mitigate a social engineering attack that could lead to code execution (CVE-2010-1240)...
Users can utilize the product's update mechanism...
* http://www.adobe.com/support/downloads/new.jsp
___

- http://www.us-cert.gov/cas/techalerts/TA10-231A.html
August 19, 2010 - "... vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file...
Solution:
• Update... Users are encouraged to read Adobe Security Bulletin APSB10-17* and update vulnerable versions of Adobe Reader and Acrobat...
• Disable JavaScript in Adobe Reader and Acrobat ... JavaScript can be disabled using the Preferences menu...
• Disable the display of PDF files in the web browser ... Uncheck the 'Display PDF in browser' checkbox...."
(More detail at the US-CERT URL above.)
* http://www.adobe.com/support/security/bulletins/apsb10-17.html

 Exclamation
« Last Edit: August 24, 2010, 04:02:00 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #48 on: August 24, 2010, 18:20:21 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Shockwave Player v11.5.8.612 released
- http://www.adobe.com/support/security/bulletins/apsb10-20.html
August 24, 2010
CVE number: CVE-2010-2863, CVE-2010-2864, CVE-2010-2865, CVE-2010-2866, CVE-2010-2867, CVE-2010-2868, CVE-2010-2869, CVE-2010-2870, CVE-2010-2871, CVE-2010-2872, CVE-2010-2873, CVE-2010-2874, CVE-2010-2875, CVE-2010-2876, CVE-2010-2877, CVE-2010-2878, CVE-2010-2879, CVE-2010-2880, CVE-2010-2881, CVE-2010-2882
Platform: Windows and Macintosh
Summary: Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.7.609 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.5.7.609 and earlier versions update to Adobe Shockwave Player 11.5.8.612...
Solution: Adobe recommends users of Adobe Shockwave Player 11.5.7.609 and earlier versions upgrade to the newest version 11.5.8.612, available here: http://get.adobe.com/shockwave/ ...

 Exclamation Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #49 on: September 20, 2010, 11:33:25 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Flash Player v10.1.85.3 released
- http://www.adobe.com/support/security/bulletins/apsb10-22.html
Sep. 20, 2010 - "A critical  vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh... Adobe recommends users of Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.1.85.3, and users of Adobe Flash Player 10.1.92.10 for Android update to Adobe Flash Player 10.1.95.1... Users of Flash Player for Android version 10.1.92.10 and earlier can update to Flash Player version 10.1.95.1 by browsing to the Android Marketplace on an Android phone. For users who cannot update to Flash Player 10.1.85.3, Adobe has developed a patched version of Flash Player 9, Flash Player 9.0.283, which can be downloaded here*..."
* http://www.adobe.com/go/kb406791

- http://get.adobe.com/flashplayer/
___

Direct download current version - executable Flash Player installer...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
For IE ...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
For Firefox, other browsers, etc...

Flash test site: http://www.adobe.com/software/flash/about/
... should read: "You have version 10,1,85,3 installed"
___

- http://secunia.com/advisories/41434/
Last updated 2010-09-21
Criticality level: Extremely critical
Solution: Update to version 9.0.283 or 10.1.85.3...

 Exclamation
« Last Edit: September 21, 2010, 04:44:21 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #50 on: October 05, 2010, 16:08:02 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Reader/Acrobat v9.4 update available
- http://www.adobe.com/support/security/bulletins/apsb10-21.html
October 5, 2010 - "Critical vulnerabilities have been identified in Adobe Reader 9.3.4 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.4 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.4 (and earlier versions) and Adobe Acrobat 8.2.4 (and earlier versions) for Windows and Macintosh... Adobe recommends users of Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.4. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.4, Adobe has provided the Adobe Reader 8.2.5 update.) Adobe recommends users of Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.4. Adobe recommends users of Adobe Acrobat 8.2.4 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.5... Adobe Reader Users on Windows and Macintosh can utilize the product's update mechanism..."
CVE Numbers: CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2888, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658
"... Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5..."

- http://www.adobe.com/support/downloads/new.jsp
10/5/2010

- http://secunia.com/advisories/41340/
Last Update: 2010-10-06
Criticality level: Extremely critical
Impact: System access ...
"... NOTE: The vulnerability is currently being actively exploited..."
Solution: Update to version 8.2.5 and 9.4...

- http://securitytracker.com/alerts/2010/Oct/1024511.html
Oct 6 2010

 Exclamation
« Last Edit: October 08, 2010, 10:44:48 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #51 on: October 28, 2010, 11:24:10 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Shockwave v11.5.9.615 released
- http://www.adobe.com/support/security/bulletins/apsb10-25.html
CVE number: CVE-2010-2581, CVE-2010-2582, CVE-2010-3653, CVE-2010-3655, CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, CVE-2010-4087, CVE-2010-4088, CVE-2010-4089, CVE-2010-4090
October 28, 2010 - "Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.8.612 and earlier versions on the Windows and Macintosh operating systems... Adobe recommends users of Adobe Shockwave Player 11.5.8.612 and earlier versions upgrade to the newest version 11.5.9.615, available here:
- http://get.adobe.com/shockwave/ ..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #52 on: November 04, 2010, 15:10:52 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Flash Media Server multiple vulns - update available
- http://secunia.com/advisories/42157/
Release Date: 2010-11-10
Criticality level: Highly critical
Impact: DoS, System access
Where: From remote ...
Solution: Update to Flash Media Server version 3.0.7, 3.5.5, or 4.0.1.
Original Advisory: APSB10-27:
http://www.adobe.com/support/security/bulletins/apsb10-27.html
CVE-2010-3633, CVE-2010-3634, CVE-2010-3635
___

Flash v10.1.102.64 released
- http://www.adobe.com/support/security/advisories/apsa10-05.html
Last updated: November 4, 2010 - "A critical vulnerability exists in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android... Adobe recommends... update to Adobe Flash Player 10.1.102.64. For More information, please refer to Security Bulletin APSB10-26*..."
* http://www.adobe.com/support/security/bulletins/apsb10-26.html
Release date: November 4, 2010
CVE number: CVE-2010-3636, CVE-2010-3637, CVE-2010-3638, CVE-2010-3639, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652, CVE-2010-3654, CVE-2010-3976
Platform: All Platforms...
Adobe recommends users of Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.1.102.64... users who cannot update to Flash Player 10.1.102.64, Adobe has developed a patched version of Flash Player 9, Flash Player 9.0.289.0, which can be downloaded from: http://www.adobe.com/go/kb406791 ..."

- http://www.adobe.com/support/security/bulletins/apsb10-26.html
Last updated: November 9, 2010 - "... Users of Flash Player for Android version 10.1.95.1 and earlier can update to Flash Player version 10.1.105.6 by browsing to the Android Marketplace on an Android phone*..."
* http://market//details?id=com.adobe.flashplayer
___

Direct download current version - executable Flash Player installer...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
For IE ...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
For Firefox, other browsers, etc...

Flash test site: http://www.adobe.com/software/flash/about/
... should read: "You have version 10,1,102,64 installed"
___

- http://www.securitytracker.com/id?1024685
Nov 5 2010
___

Flash Update plugs 18 security holes
- http://krebsonsecurity.com/2010/11/flash-update-plugs-18-security-holes/
v10.1.102.64 ...

 Exclamation Exclamation
« Last Edit: November 10, 2010, 09:12:11 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #53 on: November 16, 2010, 13:10:29 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Reader/Acrobat v9.4.1 released
- http://www.adobe.com/support/security/bulletins/apsb10-28.html
November 16, 2010 - "Critical vulnerabilities... Adobe recommends users of Adobe Reader 9.4 and earlier versions for Windows and Macintosh update to Adobe Reader 9.4.1, available now. Adobe recommends users of Adobe Reader 9.4 and earlier versions for UNIX update to Adobe Reader 9.4.1, expected to be available on November 30, 2010. Adobe recommends users of Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh update to Adobe Acrobat 9.4.1...
Adobe Reader/Acrobat: Users on Windows and Macintosh can utilize the product's update mechanism..."
CVE numbers:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3654
CVSS v2 Base Score: 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4091
CVSS v2 Base Score: 9.3 (HIGH)

- http://www.adobe.com/support/downloads/new.jsp
11/16/2010

 Exclamation
« Last Edit: November 16, 2010, 13:25:03 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #54 on: November 19, 2010, 04:16:50 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Reader X released
- http://www.adobe.com/products/reader/tech-specs.html

- http://www.adobe.com/products/reader/features.html

- http://get.adobe.com/reader/otherversions/

- http://www.adobe.com/products/reader.html

- http://www.adobe.com/support/downloads/new.jsp
11/18/2010

- http://isc.sans.edu/diary.html?storyid=9976
Last Updated: 2010-11-19 17:45:42 UTC - "... This is the version of Reader that has sandbox feature built-in, there is now a degree of separation between the OS and the potentially malicious PDF files. The same sandbox mechanism had been implemented in Google Chrome and also MS Office. Containment of the harmful files lessen the damage should a successful attack were to happen..."

- http://en.wikipedia.org/wiki/Sandbox_%28computer_security%29

 Exclamation
« Last Edit: November 19, 2010, 10:52:14 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #55 on: December 03, 2010, 23:15:21 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Illustrator CS5 v15.0.2 released
- http://www.adobe.com/support/security/bulletins/apsb10-29.html
December 3, 2010 - Vulnerability identifier: APSB10-29
CVE number: CVE-2010-3152
"An important library-loading vulnerability has been identified in Adobe Illustrator CS5 15.0.1 and earlier on the Windows platform... Adobe recommends Adobe Illustrator CS5 users update their installation using the instructions provided here*...
Severity rating: Adobe categorizes this as a -important- update and recommends that users apply the latest update for their product installation..."
* http://www.adobe.com/support/downloads/detail.jsp?ftpID=4910
"Adobe® Illustrator 15.0.2 update addresses a number of issues related to stability, including the following:
• PSD files lose saturation of spot colors when imported into AiCS5
• Performance problems when guides are set to dot
• Acrobat 10 documents with passwords fail to open
• Improved precision with DXF import
• Links are broken in legacy formats when image name contains Japanese characters for voiced sound marks
• Rounded Corner Edges that curved inside flipped to curve outside
• Non-Specific Crash when opening or closing files
• Security Issues ..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #56 on: December 13, 2010, 04:34:53 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Photoshop v12.0.2 released
- http://secunia.com/advisories/42492/
Release Date: 2010-12-13
Criticality level: Moderately critical
Impact: Unknown
Where: From remote
Solution Status: Vendor Patch
... The vulnerabilities are reported in versions prior to CS5 12.0.2.
Solution: Update to version CS5 12.0.2...
Original Advisory:
http://www.adobe.com/support/downloads/detail.jsp?ftpID=4893

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #57 on: December 19, 2010, 03:22:01 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Photoshop CS5 - Security update
- http://www.adobe.com/support/security/bulletins/apsb10-30.html
December 17, 2010 - "An important library-loading vulnerability has been identified in Adobe Photoshop CS5 12.0.1 and earlier on the Windows platform. Adobe recommends users update their Adobe Photoshop CS5 installations..."
CVE number: CVE-2010-3127

Adobe Photoshop 12.0.3 update
- http://www.adobe.com/support/downloads/detail.jsp?ftpID=4949
"... Adobe Photoshop 12.0.3 update fixes a number of high priority bugs including tool tips on Windows XP, painting performance and type-related issues. This update is recommended for all Windows users..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #58 on: February 08, 2011, 14:55:45 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Security updates - Adobe Reader and Acrobat
- http://www.adobe.com/support/security/bulletins/apsb11-03.html
February 8, 2011
CVE Numbers: CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0564, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0568, CVE-2011-0570, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0588, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0605, CVE-2011-0606
"Critical vulnerabilities have been identified in Adobe Reader X (10.0) for Windows and Macintosh; Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh and UNIX; and Adobe Acrobat X (10.0) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. Risk for Adobe Reader X users is significantly lower, as none of these issues bypass Protected Mode mitigations. Adobe recommends users of Adobe Reader X (10.0) and earlier versions for Windows and Macintosh update to Adobe Reader X (10.0.1), available now. Adobe recommends users of Adobe Reader 9.4.1 for UNIX update to Adobe Reader 9.4.2, expected to be available by the week of February 28, 2011. For users of Adobe Reader 9.4.1 and earlier versions for Windows and Macintosh who cannot update to Adobe Reader X (10.0.1), Adobe has made available updates, Adobe Reader 9.4.2 and Adobe Reader 8.2.6. Adobe recommends users of Adobe Acrobat X (10.0) for Windows and Macintosh update to Adobe Acrobat X (10.0.1). Adobe recommends users of Adobe Acrobat 9.4.1 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.4.2, and users of Adobe Acrobat 8.2.5 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.6...
Adobe Reader: Users on Windows and Macintosh can utilize the product's update mechanism... Update checks can be manually activated by choosing Help > Check for Updates...
Adobe Acrobat: Users can utilize the product's update mechanism... Update checks can be manually activated by choosing Help > Check for Updates..."

- http://secunia.com/advisories/43207/
Release Date: 2011-02-09
Criticality level: Highly critical
Impact: Cross Site Scripting, Privilege escalation, System access
Where: From remote ...
Solution: Update to version 8.2.6, 9.4.2, or 10.0.1.
___

• Full Download/Updates-Programs/Add-ons...
- http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
___

ColdFusion - Hotfix available...
- http://www.adobe.com/support/security/bulletins/apsb11-04.html
February 8, 2011 - "Important vulnerabilities have been identified in ColdFusion 9.0.1 and earlier versions for Windows, Macintosh and UNIX. These vulnerabilities could lead to cross-site scripting, Session Fixation, CRLF injection and information disclosure... Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the technote:
- http://kb2.adobe.com/cps/890/cpsid_89094.html

- http://secunia.com/advisories/43264/
Release Date: 2011-02-09
Criticality level: Moderately critical
Impact: Cross Site Scripting, Exposure of sensitive information
Where: From remote...
Solution: Apply the Hotfix.
Original Advisory: Adobe (APSB11-04):
http://www.adobe.com/support/security/bulletins/apsb11-04.html

 Exclamation Exclamation
« Last Edit: February 10, 2011, 04:06:52 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #59 on: February 08, 2011, 18:24:12 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8365



FYI...

Adobe Flash Player - Security update
- http://www.adobe.com/support/security/bulletins/apsb11-02.html
February 8, 2011
CVE Numbers: CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607, CVE-2011-0608
"Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. Adobe recommends users of Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.2.152.26..."

Direct download current version - executable Flash Player installer...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
For IE ...
- http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
For Firefox, other browsers, etc...

Flash test site: http://www.adobe.com/software/flash/about/
... should read: "You have version 10,2,152,26 installed"

- http://secunia.com/advisories/43267/
Release Date: 2011-02-09
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 10.2.152.26.

- http://www.securitytracker.com/id/1025055
Feb 9 2011
___

Shockwave Player - Security update
- http://www.adobe.com/support/security/bulletins/apsb11-01.html
February 8, 2011
CVE number: CVE-2010-2587, CVE-2010-2588, CVE-2010-2589, CVE-2010-4092, CVE-2010-4093, CVE-2010-4187, CVE-2010-4188, CVE-2010-4189, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, CVE-2010-4193, CVE-2010-4194, CVE-2010-4195, CVE-2010-4196, CVE-2010-4306, CVE-2010-4307, CVE-2011-0555, CVE-2011-0556, CVE-2011-0557, CVE-2011-0569
"Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions update to Adobe Shockwave Player 11.5.9.620... Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions upgrade to the newest version 11.5.9.620, available here:
- http://get.adobe.com/shockwave ..."

- http://www.securitytracker.com/id/1025056
Feb 9 2011

 Exclamation Exclamation
« Last Edit: February 10, 2011, 04:05:48 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
 
Pages: 1 2 3 [4] 5 6 ... 10   Go Up
  Print  
 
Jump to:  

Powered by SMF 1.1.20 | SMF © 2013, Simple Machines Page created in 1.306 seconds with 20 queries.