Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Adobe October 2014 Bulletins for Flash Player and Coldfusion SANS ISC InfoSec Forums

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe October 2014 Bulletins for Flash Player and Coldfusion

Adobe published two security bulletins today:

APSB-22 [1] : fixes 3 vulnerabilities in Adobe Flash Player as well as in Adobe Air. The vulnerabilities are rated with a priority of "1" for Flash Player running on Windows and OS X , which means they have already been exploited in targeted attacks.

APSB-23 [2] : another 3 vulnerabilities, but this time in Cold Fusion. The priority for these updates is "2" which indicates that they have not yet been exploited in the wild. 

[1] http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
[2] http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020

Johannes

3733 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!