Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe August 2011 Black Tuesday Overview

Published: 2011-08-09
Last Updated: 2011-08-10 11:57:37 UTC
by Swa Frantzen (Version: 2)
3 comment(s)

Although none of us seems to have seen any warning, Adobe has released 5 bulletins today.

These update Adobe products to the following versions:

  • Adobe Shockwave Player 11.6.1.629
  • Flash Media Server 4.0.3 (or 3.5.7 if you are using 3.x)
  • Adobe Flash Player
    • Android 10.3.186.3
    • Windows, OS X, Solaris, Linux 10.3.183.5
  • Adobe Air 2.7.1
  • Photoshop version is not changed by the update.
  • Robohelp version is not changed, but version 9.0.1.262 is not vulnerable.

Overview of the August 9th 2011 Adobe Patches.

# Affected Known Exploits Adobe rating
APSB11-19 Multiple memory corruption vulnerabilities in the shockwave player allow random code execution.
Shockwave Player

CVE-2010-4308
CVE-2010-4309
CVE-2011-2419
CVE-2011-2420
CVE-2011-2421
CVE-2011-2422
CVE-2011-2423
TBD Critical
APSB11-20 A memory corruption vulnerability in the Flash media Server (FMS) allows a denial of service.
Flash Media Server (FMS)

CVE-2011-2132
TBD Critical
APSB11-21 Multiple vulnerabilities in flash player allow random code execution.
Flash Player
Adobe AIR

CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425

Adobe claims to not be aware of any exploits in the wild against the vulnerabilities are patched in Flash Player

 

 

Critical
APSB11-22 A memory corruption vulnerability in Photoshop CS5, CS5.1 and earlier allows random code execution.
Photoshop

CVE-2011-2131
TBD Critical
APSB11-23 A cross site scripting (XSS) vulnerability attack against RoboHelp installations.
RoboHelp

CVE-2011-2133
TBD Important

Please note that adobe is at the time of writing inconsistent in the CVE names they fixed (CVE-2010-XXXX vs CVE-2011-XXXX), I've tried to guess the right ones, but we won't know for sure till the CVE databases are up to date.

This is an effort to try to structure the non-microsoft patches more or less in a familiar format on Black Tuesday, depending on the amount of available information available we can have more or less columns. Do let us know what you think of it!

--
Swa Frantzen -- Section 66

3 comment(s)
Diary Archives