Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: MS06-069: Adobe Flash Player - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-069: Adobe Flash Player
CVE-2006-3014, CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, and CVE-2006-4640

Updates Adobe's Macromedia Flash Player which was inlcuded in XP SP2 and XP Pro x64.  This appears to be the same update that Adobe made available in September (see here).

A buffer overflow exists that could be exploited by a malformed SWF file which could be distributed via web or e-mail.

This patch should be considered critical for user machines and less urgent for servers.  Those who updated Flash Player as a result of the Adobe bulletin should not be at risk.

http://www.microsoft.com/technet/security/bulletin/ms06-069.mspx
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS DFIR Summit & Training 2022

Jim

423 Posts
ISC Handler
Nov 14th 2006

Sign Up for Free or Log In to start participating in the conversation!